It has been more than 20 years since the ISO 9000 series of standards was launched. Having been implemented at approximately one million companies, one wonders what ISO 9001 is supposed to do for a company besides issue a certificate of registration and pacify ISO 9001-hungry customers.
ISO 9001 has gone through revisions, growing pains and an evolution over the years. Corporate gains have been mixed and so are perceptions. As the gains range from merely obtaining a piece of paper (the certificate) to practicing an effective management system, so too, does its perception range from an unnecessary evil to a great business tool.
The original intent of ISO 9001 was to practice a sound management system using benchmarked practices documented as requirements, and then if a customer wanted to see formal deployment of the system, the certification program was designed to obtain third-party validation. One can see that the intent was to meet customer requirements and improve existing processes.
Real-world deployment became certification-driven for a quick marketing advantage rather than a guideline for a sound management system. Internally “document what you do and do what you document” became the mantra, effectively turning the quality management system into a rigid documentation system that sometimes had no relevance for the organization. It was written for third-party auditors to do their work, assess compliance by examining the documents and issue a certificate.
Soon it was recognized that something was not going right with the deployment of the ISO 9001 standards. They were perceived to be fulfilling the minimal intent of quality by merely meeting customer requirements. As a result, industry-specific derivative standards for auto, medical and aerospace were developed.
The 2000 version of ISO 9001 attempted to remedy implementation challenges by making it performance-driven. ISO 9001 was restructured to align with business objectives, made more flexible and intended to lead the drive toward excellence. ISO 9001: 2000 incorporated features of other popular guidelines for quality management systems. Less emphasis on documentation led people to go back to old habits of inconsistency.
The intent of focusing on performance could not be evaluated effectively by auditors so the desired results appeared to be lacking. Issues of deployment of process thinking, identifying performance measurements and clarity of goals for performance improvement remained. In some ways it took the documentation teeth of its earlier version, tied auditors’ hands behind their back by giving an effectiveness lever to the organization and produced inconsistency of interpretation by organizations. As a result, the excellence continues to elude implementation and the value of standards remains questionable.
The way standards are implemented, it appears that it is not the standards that need to be changed; instead it is the implementation system that needs to be fine tuned for development, deployment, control, audits and results. Standards must drive excellence in operations beyond compliance, must have teeth and must be clearly communicated as intended.
The goal should not be to have every organization ISO 9001 certified; instead every ISO 9001-certified company should be able to achieve its business objectives and receive value. One of the weakest links in the deployment of quality management system is the Management Review process. It takes a back seat to the requirements for management commitment that are hard to measure. One can almost see a direct correlation between the effective management review process and the overall performance of the management system, including the bottom line.
Overall, the ISO 9001 standards are intended to help organizations achieve excellence through customer focus, defining and documenting processes, training employees, auditing for deployment, and measuring and monitoring to identify opportunities to improve, thereby leading to corrective actions for achieving excellence.