What’s Wrong With ISO?

A Million Organizations Can’t be Wrong… Can They?

http://www.dreamstime.com/-image19762255The International Organization for Standardization (ISO) reports that over one million organizations have been certified to the ISO 9001 Standard for Quality Management Systems — Requirements [1].

Constructing and implementing an ISO 9001 – compliant quality management system in a manufacturing facility is a formidable piece of work, especially for those that don’t have some sort of formalized, process – focused quality system already in place. Once in place and operational, an ISO 9001 – compliant quality management system requires continuing attention and upkeep. And, ISO 9001 compliance is usually certified by third – party registrars [2]. Certification requires third – party compliance audits, usually on a recurring basis, to confirm that the continuing attention does happen.

Why Bother?

There are two primary reasons why organizations construct, implement and maintain a certified ISO 9001Quality Management System:

  • Pressure from customers, the market, the home office, or other stakeholder prompts some organizations to do so. That is to say, they are reacting to external influences.
  • Other firms recognize that a process – focused system for assuring process output quality[3] is applicable to all business processes, hence to value adding activities in general. Control over output quality from value adding activities is, rather obviously, an important handle on adding value, hence on competitiveness. For such firms, an ISO 9001 system is a fundamental internal management tool.

Then What Happens?

Firms that are reacting to external pressures generally find their ISO 9001 system to be a rather annoying burden. The tendency is to do the minimum required to remain in the good graces of their third – party auditors (including customer auditors, along with compliance auditors). There is a “meet the minimum” mindset.

Those firms that recognize their ISO 9001 system as a fundamental internal management tool generally want to quantify internal benefits and to extend both the scope and the depth of the system that creates those benefits.

Where to Start?

ISO 9001 is intended as a set of basic requirements. Start by confirming that you are doing the basics well [4].

  • Begin by reviewing your Quality Manual in view of your experience since it was written. In particular, review your Quality Policy and your process for setting Quality Objectives. Quality Objectives should follow from Quality Policy, and progress toward achieving Quality Objectives should generate quantifiable benefits. Make your objectives and your progress toward those objectives clear and accessible.
  • Add a continuous improvements log to your documentation. When you change your system (meaning your business processes, how you operate your business processes, and/or your quality management documentation), you likely do so in order to improve. Log all of your improvements. Describe what you did, when you did it and why you did it. Also quantify the improvement, to the extent you can. You will find that the list of improvements grows quickly. Make the log accessible to everybody, so continuous improvement becomes apparent to all.
  • Take a hard look at your internal quality audit procedure. Audit for process effectiveness and for opportunities for improvement [5], not just for petty discrepancies. Done well, internal audit offers real insights for improvement.

Then What?

Once it is clear that continuous improvement is taking place, it may be time to increase the scope of your quality management system. There are several possibilities for doing this. Some, or all, may be appropriate for your situation.

  • You can add capabilities to your ISO 9001 system. For example, you might add Failure Modes Effects Analysis (FEMA) to your arsenal of continuous improvement tools. Or you could integrate your Safety program into your ISO 9001 management system. ISO 9001 provides the basics. You can add what makes sense to add in your situation.
  • ISO 9004:2009 Managing for the Sustained Success of an Organization is intended to provide guidance on how to extend your ISO 9001 management system. ISO 9001 and ISO 9004:2009 are designed to fit together seamlessly. Please notice that ISO 9004 does not set requirements, so compliance and certification are not at issue. ISO 9004:2009 is like a roadmap to organizational Sustainability. Like a road map, which roads you should take depend on where you are and where you want to go at any given time.
  • ISO 14001 Environmental Management Systems – Requirements with Guidance for Use specifically addresses how your organization interfaces with the natural world. ISO 14001 does pose requirements, and certification to the requirements of ISO 14001 is usually sought. An ISO 14001 compliant Environmental Management System is intended to be separate from, but structurally similar to an ISO 9001 compliant Quality Management System. Think of them as like two brothers who resemble each other but perform different tasks.
  • It is possible to use an ISO 9001compliant Quality Management System as a foundation for a Sustainable Operations Management System. Better yet, the transition from the basics to a comprehensive Sustainable Operations Management System can be accomplished step-by-step over time. Begin with a functioning ISO 9001system, then expand with ISO 9004 and/or ISO 14001. Additionally, there are at least two dozen other ISO guidance documents, each of which addresses specific aspects of sustainable operations. One or several might be useful as a system expands and matures.

The real point in all of this is that your business is composed of business processes. Business processes are intended to add value. Adding value is the life blood of your business. Management systems are tools for managing the outputs from business processes. Sharpen your tools.

Oh… There is nothing wrong with ISO, if you choose to use it.

Chuck at Rene 2 - August 2014Thoughtful comments and experience reports are always appreciated.

…  Chuck Harrington



P.S: When it is time for your business to pursue Sustainability, contact me — C.H.

ISO Graphic: Dreamstime, www.dreamstime.com


[1] ISO Standards are available on-line at www.iso.org

[2] The ISO organization does not certify compliance, nor is third-party certification required by the ISO 9001 Standard. 

[3] The term “quality”, as used here and in the ISO 9000 series of standards, refers to the “degree to which a set of inherent characteristics fulfills requirements” (ISO 9000-2005, para. 3.1.1), where the “set of inherent characteristics” refers to a specific process output. Hence the term “quality” can be applied to just about an “inherent characteristic” that management deems appropriate to control (including the cost of processing).

[4] If your firm has isn’t certified to ISO 9001, see Toward Systematic Management, this blog, at: http://blog.jerasustainabledevelopment.com/2012/01/25/toward-systematic-management/

[5] There are many books available on quality audit. I like Dennis Arter’s Quality Audits for Improved Performance, third edition, ASQ Quality Press, Milwaukee (2003). Also, you should be aware of ISO 19011 Guidelines for Quality and/or Environmental Management Systems Auditing, available at www.iso.org