It’s time to take a temporary break from the theoretical social-emotional development stuff and put the management system back hat on. I’ve been involved in several ISO9001 start-ups and re-toolings over the past twenty years, both internally and as a consultant. It’s been a hands-on chance to get a good feel for what works and what doesn’t.
Some of the following is Wisdom of the Ancients-things I’ve read or been told in my dealings with registrars and other assessors. Much of it is direct observations, summarized from my personal journal of this sometimes crazy management system journey.
One thing is certain: it’s tough to do everything right in a management system startup, but doing just a few things up front can dramatically increase the chances of achieving an end result that is effective and well-received by those the organization counts on to make it work. Several critical success factors and potential barriers are highlighted here.
“What Is” in a Nutshell
ISO9001 is an internationally recognized management model designed to guide a wide range of enterprises to more effectively execute their business plan. Organizations use the standard to demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements. A steering committee of sorts assembles on a regular basis to review and improve the standard. Significant revisions are normally released every 6-8 years. My last ISO experience was with the 2008 revision, and 2015 saw the latest upgrade.
There are “shall” statements and “should” statements. A “shall” requirement means the company must show how they do it. There may be some “shalls” the company does not do because their processes do not require it or they simply did not consider doing it. For the first, exception clauses are included. For the second, if needed some additional elements may need to be added.
ISO is “non-prescriptive”—the company is not forced to do what they already do differently unless, while reviewing the standard, a better way of doing something is uncovered. ISO is a great benchmarking source as it holds the collective wisdom of numerous international experts. So while comparing current practices to the standard, process owner / experts may find a better way to do their work. This happens a lot, and it’s a great fringe benefit of ISO system design.
Certification does NOT mean the quality of an organization’s product or service is assured! It simply means there is a system in place that, IF consistently executed every day, ensures that requirements are met. Big difference!
Set Scope Wisely, and Strategically
The ideal is goals that are aligned with the rest of the company’s strategy, goals that people can easily connect to. Alignment is actually an ISO “shall” but too many design teams go to great lengths re-creating the wheel. You already have a vision, mission and strategies. Incorporate them into your quality policy and objectives, and the terminology you use.
_______ is a premier provider of _______. We have committed to the ___ standard to ensure we consistently, efficiently and effectively meet requirements in all departments and surpass internal as well as external customers’ expectations.
If certification is not a compulsory, externally-driven requirement, scope is yours to determine. Cover the bare bones—the “shall” statements only—and certification may be pretty painless, or use the disciplined best practices of ISO to develop a comprehensive business model. You’ll get out what you put in.
Sure, you can save money and “do” ISO without a registrar, without getting certified…IF the company has the discipline and the gumption to implement what is necessary then DO it every day, not just when it’s convenient. Hate to say it, but that kind of commitment is hard to find. A well-selected registrar is not just an external, impartial watchdog. The registrar can also be an invaluable business partner who ensures you get maximum return for your efforts.
Is it a “shall”? If so, how do YOU do it?
If it’s only a “should” would it help your business? If so, do it.
Say what you do, then do what you say you do, every day.
Then, prove it and continuously improve it.
Aim Low, Go Slow for Starters…
…but sight in on meaningful targets. It’s overwhelming to charge into documenting the whole enchilada at once, and it can be frustrating to set and (try to) stick to a comprehensive Master Plan / schedule. The right starting points establish enthusiasm, buy-in and momentum. People will see it makes sense, it removes gray areas from their work, and it even makes the work easier with fewer delays and mistakes. A little ROI never hurts either: see Dollars and Sense below.
Identify 3-4 work processes, not just “low hanging fruit” but areas where you’re experiencing an unusual amount of problems. When owners map their processes, then study and apply the standard’s relevant elements it never fails—improvements are sure to be identified, in both ease of task and quality of outputs. And people are learning how to do this ISO stuff too.
Shamelessly (But Honestly!) Sell the Benefits
Whether or not the cert is your primary driver, “we’re doing this to get certified” should never, EVER be publicly stated. Leadership must have a relevant, meaningful and believable pitch. Do-ers must believe that the management system is good for them, good for the business. Not cod liver oil good…tastes horrendous, but fixes what ails you…rather, they must believe that the management system will help their work get done better, smarter, faster, easier.
Identify some of your company’s specific issues or ongoing problems that the management system will address. Very clearly spell out the benefits of applying specific ISO elements to those issues. You will create “want in” rather than “thou shalt comply, or else.” Big difference.
A Little Dollars and Sense Never Hurts…
In an article for ASQ’s QP magazine, Oscar Combs summarizes results of a Harvard Business School study comparing 916 organizations that have adopted ISO 9001 and 17,849 non-adopters. As Combs explains, the “business benefits” enjoyed by the ISO 9001 organizations included higher rates of survival and growth, increased wages, enhanced productivity, reduced waste, and improved health and safety performance.
“ISO 9001 offers more than quality benefits. The standard should be thought of as a business management tool an organization can use to drive value, improve its operations and reduce its risks.” – Oscar Combs, Standard Wise
Communicate and Demonstrate
Share with people what is happening and why throughout design and implementation, and ongoing application including current status and future plans. They must see the management system in action. Look for success stories and loudly trumpet the before / after. And, hate to bring it up but that pesky “leadership by example” thing is essential.
Watch Your Foul Mouth!
Unfortunately, ISO terminology is peppered with confrontational words and negative connotations: compliance, audit, conformance to requirements, nonconformance, corrective action. No wonder the townsfolk board up their windows and hide the women and children in the cellar when the assessor posse rides into town.
Andre Agassi once said “Image is everything”. For ISO too, a good image sure helps, and part of it is nothing more than what you call things:
- We aren’t “compliant to the ISO standard”. We have committed to a set of management best practices to improve our results.
- We don’t “audit”. We assess our system’s effectiveness. IMPORTANT: assessments do NOT judge a person’s performance, only whether the system is working and being followed!
- We don’t “conform to requirements.” We do what’s necessary to exceed customer expectations at all times.
- Assessors don’t find “nonconformances.” They identify opportunities to improve the system.
- We don’t take “corrective action.” We initiate improvements.
Broad Ownership, Broad Improvement
The management system is much bigger than “product quality” alone. Position ISO as a tool capable of managing all aspects of the business, ensuring that goals are met, desired results are achieved, and customers’ expectations are exceeded.
Get ISO out of the Quality Assurance closet where it is traditionally hidden, starting with appointing a non-QA person as management representative if at all possible. Enlist assessors (!) from all walks of life and don’t train them to just go out and catch nonconformances. Assessors become process experts with new eyes and are an extremely valuable resource to the areas they assess. Assessors are management system ambassadors, and each assessment is a PR event for the ISO-based system as well as a learning experience for both assessors and those being assessed. The “closing meeting” shares results with the assessed area. It’s an invaluable learning opportunity.
Engage the Troops
Engagement is that magical state where people put forth exemplary effort AND are getting the maximum level of satisfaction out of their role…they are busting their butts and are darned happy to do it. Their hands, hearts, and heads are all fully utilized. There is plenty of research and data that clearly shows the correlation of high engagement to double digit bottom line improvements.
It’s good business to design engaging elements into the management system. Success hinges on two basic motivational truths: the people doing the job know it best, and involvement builds commitment. Bring the troops in early and often in the design and ongoing maintenance and improvement of the system, and keep them in. Their ongoing commitment and full engagement is assured.
“What is the ONE Determinant of System Success?”
That was the “time to summarize” question from the registrar selection team for my biggest project. The “winning” response has proven to be an absolute truth, whether an external assessment team or an internal assessment: the first, most critical area to examine every time is the corrective and preventive action process, starting with how past assessments and findings are handled. Is the assessment schedule maintained? How well are corrective actions reported and closed with true root cause analysis then followed up on to ensure actions are sticking? Last, are preventive / continuous improvement actions formally and effectively pursued?
Simply: say what you do, and verify you are doing what you say you do every day. If you’re not, resolve the issue! If you are, IMPROVE! ISO9001 is really as common sense as that.