Management: Make ISO Work for You
Though he served on the committee to help revise ISO 9001, Praveen Gupta has said that implementation of quality management systems is one of the top 10 killers of manufacturing. In a 2008 column for Quality, Gupta, president of Accelper Consulting (Schaumburg, IL), wrote: “It sounds counter-intuitive; however, recent focus on standardization and quality management systems has led to more registration audits, more quality auditors, and corrective and preventive action forms. Actually, quality management systems have diluted the executive involvement rather than enhancing the management responsibility.”
Some companies may find that the standard doesn’t work for them; it just creates more work. If you are looking for help in navigating ISO 9001:2008, consider that plenty of others have made it through the process. This standard is implemented in 176 countries, by more than a million organizations. With such huge numbers using this standard, results obviously vary. It may work well for one company, but cause only headaches at another. So, what ensures that the standard will work for your company?
It's the intent that countsExperts agree. If you follow the standard’s requirements but not the intent, the standard won’t provide much value. And the intent of ISO 9001 has changed over the years. While the original version of the standard focused more on quality control, the most recent versions in 2000 and 2008 focused on quality assurance, or “preventing things from going wrong,” says Roderick Munro, RAM Q Universe business improvement coach (Reno, NV) and the 2006 Quality Professional of the Year. With the latest versions, the focus shifted to having close contact with customers and satisfying what they want, instead of inspecting products after they were made. ISO 9001:2008, the fourth edition of the standard, did not introduce new requirements.
ISO 9001:2008 aims “to enhance customer satisfaction in supplier-customer relationships,” according to the ISO website. Note that it says nothing about making business more complex or adding a lot of unnecessary paperwork. The focus is on the customer.
Customer satisfaction is the main reason companies get ISO 9001 certification, followed by market need, mandated customer requirement, and self-declared conformance, according to a July 2011 ISO survey that received 11,722 survey responses from 122 countries. The survey found that the most important benefits of ISO 9001 were improved customer satisfaction and standardized business processes.
Not to say that there aren’t areas for improvement. The survey found “64% of respondents consider ISO 9001:2008 will be ‘okay, but with enhancement’ and 27% consider it will be fine as it is. 5% considered the standard to be ‘no longer relevant’.”
Though ISO was designed to yield consistent processes and satisfied customers, it is often used simply for a marketing advantage. To get advantages beyond the marketing, companies should ask themselves “What is the core business? What do we do in this business?” and from there focus on how to satisfy the customer, according to Munro. “The hope would be if they do it well there should be a return on investment,” Munro says. “Why would an owner want to do something that wouldn’t have a return?”
Companies must consider how they will assess the costs of poor quality, customer complaints, and all aspects of the cost of quality, Gupta says. This does not always happen.
“In reality, it became get the certificate to gain the confidence of the customer to get the business. Overall the quality has improved in the industry, but the cost of improving the quality has been higher also. To me, when quality improves, we should be doing less quality,” Gupta says. “Before they hire outside help, [companies] must internally commit to get value out of it. If I’m implementing ISO, it should dramatically lower the cost of quality.”
Unstoppable ISOThough it is a voluntary standard, the ISO organization notes that “15 technical meetings are in progress, on average, each working day of the year somewhere in the world.” With so many organizations using ISO standards, from multinationals to small businesses, sometimes specifics are needed. “ISO9001 for Small Businesses – What to do: Advice from ISO/TC 176,” may help. This handbook, first published in 1996, is one of the most successful ever produced by ISO. And not just in the United States. Editions have been published in places such as Bulgaria, Estonia, Hong Kong, Hungary, India, Japan, South Africa, Sweden and Uruguay.
Denise Robitaille, principal of Robitaille Associates (Southborough, MA), lead the ISO group of experts that developed the handbook. While she has seen the standard work, she’s also seen some “malicious compliance.” While many companies implement ISO, they don’t always do so willingly. “What’s the point of doing it kicking and screaming?” asks Robitaille. “In an organization, you never do something that doesn’t create value. It’s foolish. Find the value.”
Finding ValueFocus on the goals of the standard and consider what is required and why. Gupta has seen companies have two sets of documents: one to get certified and one to actually use. Perhaps this follows the letter of the standard, but it misses the intent. He suggests bringing in outside help that promises a continually improving system-not simply a documented one. The goal is to look at what processes work, and which ones don’t, and the ultimate goal is to look at what kinds of procedures are needed.
“The most important thing we’ve found besides preparation for process is targeting. Companies need to build in a defined target for each process performance, and then assess the results. Quality is defined as achieving the targets defined by customers,” says Gupta, who has found up to simple process management can lead to great improvements.
Then, once the company has developed these techniques and deployed them, it should be an integral part of every employee’s system. Another key: meaningful and frequent management reviews. Having them once a year was not the idea, says Gupta, who suggests that quality systems should be reviewed as frequently as finances.
And remember to keep the customer at the forefront. “It’s all connected to the customer requirements,” says Joseph Sorrentino, CEO of Lean Quality Systems (Dana Point, CA). “The system sits dormant until the contract from the customer comes in.”
The amount of controls should be based on the customer’s needs. A common mistake, according to Sorrentino, is to develop a system for the most extreme customer case, when in fact they should do the opposite and develop a system for the average customer.
Though ISO should help customers, it can also help a business survive. Having documented systems in place protects companies from disruptive changes in personnel. “A lot of times, owners of small companies, because they’ve birthed the company, it’s their baby, and all decisions made by one person,” Sorrentino says. This can lead to disastrous results. In the last four years, Sorrentino has worked with three companies after the owner died. “The assumption is that the rest of the company knew how to run it,” Sorrentino says. Not so. “The owner knew everything and controlled everything. Once he was out of the picture, it became a free for all for power, very disruptive for product, employees and customers.”
Adhering to ISO standards can help business, as long as it is done well. Though the process is time-consuming, it is important to remember that it is not a new or going away anytime soon. Though the ISO 9001 standard has been in place for 25 years, it has its roots in much older systems. “There are all kinds of buzzwords,” Munro says, “but it still comes down to the basic core processes started by Walter Shewhart in the 1920s.” Q
Tech TipsIf you follow the ISO9001:2008 requirements but not the intent, it won’t provide much value.
Aim to improve the business rather than simply collect a certificate.
Don’t bring in outside help that simply promises a documented system.
ISO on the small side
ISO registration, the process of auditing and certification, can seem like a daunting task for a small company. It is a tedious process involving lots of paperwork that seemingly offers little advantage in return. So why would a company go through this certification themselves, rather than just insisting that their suppliers are ISO certified? The answer is that the quality management process is customer centric, and ISO certification demonstrates consistency within an organization.
When a potential customer visits your website, it is not the size of your company that interests them, but rather the quality of your products and your ability to ship them. As potential customers can be located anywhere in the world, the presence of certain internationally recognizable symbols of quality is important, encouraging visitors to look through your website and buy your products.
The logo indicating ISO registration, and ISO 9001-2008 certification in particular, says several things about your company. It indicates that you have a quality manual defining how your company will perform to ISO standards, and states your quality policy and quality objectives. It also demonstrates that you have specific instructions for each manufacturing and service process, and job descriptions for each employee. The ISO logo provides the assurance that you maintain records of any problems that may arise, the root cause analysis of those problems, and that you will establish preventative measures to avoid their reoccurrence in the future. Finally, it says that your company holds periodic internal audits to monitor your performance towards these objectives.
Receiving quality products from your suppliers is critical in maintaining the satisfaction of your customers. For a small company, however, it is difficult to ensure the quality of products you will receive when your suppliers may not even be in the same state or country as your operation. A quick visit to negotiate pricing and confirm production quantities and on-time delivery is not enough. However, when all parties in the supply chain are ISO registered, the consist quality of inbound parts, raw material, and purchase order and shipping processes is ensured.
In companies of any size, mistakes can occur. And while ISO certification requires that a corrective action procedure be in place when problems arise, small and large companies will often handle quality issues differently. In smaller companies, issues are brought to a company’s attention via internal methods or from the receipt of a customer corrective action request (CAR). After receiving a CAR, the first step is to analyze the issue and perform a root cause analysis of the problem. This can completed in a number of ways, including using flow charts to identify process variances; histograms to establish the frequency of an issue; fishbone diagrams, so several participants can contribute ideas; and arrow diagrams to show the required order of tasks in a process.
In a smaller company, it is often more productive to attack the problem directly. Go over the appropriate procedure with employees until a variance is observed, and then ask for their ideas on how to change the process. When corrective and preventative measure are identified and documented, employees can be trained on the new process.
For companies of 10 people or less, the cost of obtaining ISO 9001-2008 certification can range from $5,000 to $15,000 when using a consulting firm to get you started and past the initial certification audit. Yearly surveillance audits, in addition to re-certification audits every three years, will cost an additional $5,000 to $10,000. Audit prices increase with the size of the company, and can cost $100,000 or more for large companies.
While ISO 9001-2008 registration is certainly a major expense, it can also reduce costs significantly in the long run. Employees generally like to work for a company that listens to its employees, encourages feedback, and involves them in problem solving sessions. This activity reduces employee turnover and subsequent hiring and training costs, not to mention the loss of productivity. And while corrective action requests may seem like a painful process, in the end they will eliminate costly errors in supply, manufacturing and shipping. These efforts in turn increase customer service and customer retention.
Richard G. Ward is the director quality and logistics at Alliance Memory (San Carlos, CA). For more information, call (650) 610-6800, e-mail email@example.com or visit www.alliancememory.com .