Inderjit (IJ) Arora is the president and CEO of Quality Management International Inc. (QMII). He has a 32-year record of achievement in the military, mercantile marine, and civilian industries. Arora serves as a team leader for consulting, advising, auditing, and training in management systems, specializing in several ISO and industry-specific standards. He is an Exemplar Global-certified lead auditor and a member of the U.S. TAG to ISO/TC 176, the committee responsible for the ISO 9000 family of standards.
Arora is a popular speaker at universities and forums on management systems, conflict management, crisis communication, and leadership, and his writing has appeared in numerous industry publications.
In this interview, we chat about his varied career; remote auditing before, during, and after Covid; and how we can better educate young people about the opportunities to be found in a career in quality.
EXEMPLAR GLOBAL: How did you get started in the field of management system auditing?
IJ ARORA: Much of my professional life was spent as a naval officer in India. When I came to the United States, many times I was asked, “Do you have a naval academy in India?” and I would explain that in fact it is a very well-respected naval academy where lots of foreign nationals are trained. I commanded two conventional submarines and was trained in Russia with the command team for India’s first nuclear submarine. I worked with multi-ethnic, multicultural, and multinational crews in the mercantile marine. I was boarded by pirates, I saw deaths, and I was one of the few people who lived through a nuclear accident on a nuclear submarine. All this has enabled me to study leadership in a crisis and given me an understanding of management systems, leadership in business, team building, and crisis communications.
When I migrated to the United States, I helped companies improve their management and organizational structures. I then got an offer from the Liberian ship registry, which is the second-largest ship registry in the world and is located in Virginia. This was a great opportunity, because as vice president of maritime security, auditing, and safety I had worldwide exposure. That gave me exposure to international pressures, owners’ interference, how they compromise safety, and differentiating between auditing and inspection. After all, auditing is looking at processes, and inspection is looking at the product. Many people are not clear on this—they mix-up inspection and auditing. I came to realize the inspection will fail if the system doesn’t work and the auditing is not strong. You see, we try to infuse quality by injecting inspection, which is a blunder.
EG: It’s the well-known statement that you can’t inspect quality into a product.
IA: Correct. You have to build your system and have robust auditing to get objective inputs to ensure continual improvement.
After some time in this phase of my career, I got an offer from Quality Management International Incorporated. I wasn’t keen to make a move because the Liberians had looked after me well. I told my late wife that I wasn’t interested in joining this small company, but she told me, “IJ, we are immigrants. Success in United States is not determined by the money or things you have, but in taking advantage of an opportunity when it comes.” They had offered me a partnership, and my wife thought that it didn’t matter if they were paying me less, because I had the opportunity to become an owner. And after some changes, I came to be at the helm at QMII.
The team here at QMII have had some great successes. We designed the management system for the eastern federal highways, which is quite a privilege. We were the consultants for the development of the United States Coast Guard’s quality management system. We have also done a lot of work with the U.S. Army and the U.S. Air Force. We have been partners with Exemplar Global for more than 30 years.
The process-based management system approach was always within me, it just needed the right orientation. I completed lead auditor courses and, in combination with my maritime experience, I now consider myself a subject-matter expert in the process-based management system approach.
EG: I wanted to drill a little more deeply into the high-risk, high-security nature of your experience because there are some unique aspects to auditing in, say, a military environment. What are some of the special considerations of that type of audit?
IA: There are a lot of consultants, and most of them are trying to sell templates. But when I ask some of these clients later why they created their system to match the clauses of a standard, they say it is because it is easy to audit. This implies that the system has been designed for the auditor and for the purposes of getting certified. It is not meant to be used.
I would like to ask those auditors, when you audited this system, did you speak to clause five, did you speak to clause four? You spoke to process owners, you spoke to top management, you spoke to a supervisor, and each of them has a process. Therefore, the system must be written to the processes.
How many organizations have you seen that have a core process? If I ask the leadership for their own processes, they will say that they have key processes, but no process showing the interaction and sequence of processes, representing the core process as applicable to leadership. There must be that one process that ties all the key support processes together, and this is called the core process. Although the standard does not call it the core process, clause 4.2.2 of ISO 9001:2015 says that you must show interactions and sequences. How do you show it if you don’t put all these processes into one core process?
Here’s the answer to your question: I feel the pains of leadership. I’ve been in command of submarines. I know what the leader wants, and it’s return on investment. That leader has to ask questions like “What is the context of our organization?” “What are my risks?” “Who are my interested parties?” “Have I understood them?” and “Are we doing the right things?”
I look at it from his or her perspective regarding the risks to the organization because I understand it. It’s very difficult to answer how and what I do, unless you have a core process, so I always start with the core process, the risks involved, and see that down the line these will be met. I’m creating a system which will function, which is led from the top. And I also make sure that the specific work instructions communicated to the bottom rung of the organization flows from the policy.
Another major error people make is that, even though there is a clause for measurable objectives, they do not convert the policy into measurable objectives before implementing the process. That system must be sequential.
EG: It’s really a systems-based approach rather than looking at the organization as a set of silos based around clauses and sub-clauses. Of course, obviously as an auditor you need to make sure that there is an understanding of what the language means and how it translates to the organization, but you also build the value streams of the organization around the edifice of standard. You need to look at the organization as a system to understand if the processes make sense within the context of the language of the standard.
IA: Your management system should be seen from the point of view of the employees and top management, not from the point of view of the auditors. Auditors must do their job. Of course, we don’t want to reinvent the wheel when it comes to the clauses. But these processes then should meet the clause requirements. I’m happy at the end of the audit to put the clauses on one side and the procedures on one side and tell you where they meet, but you don’t work in clauses, you work in processes. The system must deliver a conforming product, and it is the job of the process to deliver a conforming product or a conforming service. The processes must be there, and then the inspection comes later. Auditing is looking upstream, and inspection is looking downstream.
EG: I’d like to ask you about some of the changes we’ve seen from stemming from Covid. What are your thoughts about remote auditing, for example?
IA: Even before Covid, ISO 19011 came out with remote auditing as an option in 2018.
We all have to orient our minds to technology. For example, we work with a wonderful company that have been with us for 10 years. They have grown during that time, and they opened a factory in Vietnam. I audit this facility, and I’ve done so remotely from before Covid. This has been very successful. The facility has very good internet. If I want to listen to the sound of the machinery, the local team connects me to the requested location on their floor. If I want to speak to a technician, the camera is focused perfectly. Were there problems the first time? Sure! Did I have to work hard on my questions and my checklist, and what I want? Sure… again, but only for the first or maybe the second time. Now, when I am auditing the site (and it’s already about the fifth time I’ve done this) it is very smooth. The net result is that I’m able to do a very good audit remotely. I don’t think it brings them any less value.
Remote auditing works. Professionally, it works; from the perspective of time savings, it works; and in terms of cost effectiveness, it works, too. Travel is removed for all parties. How am I going to go from here to Vietnam without being jet lagged and tired on the first day? Would you expect me to audit more efficiently that way than at home?
EG: It really is a cost-benefit analysis, and from that perspective, flying to Vietnam and back from the United States doesn’t offer a lot of benefit. There has to be a high level of benefit to make it worthwhile for you to be there in the flesh.
IA: And those who complain that a remote audit is not the same, with all due respect, I think either they haven’t caught onto the technique or they are not working hard enough in preparing for the audit. In the past, an auditor had a question, a requirement, and a process to witness. Now, in addition to those three, you can decide how to see the site and that could mean remotely.
EG: It really requires a lot more preparation and a lot more thinking through an organization’s structures. Documentation is a big piece that really needs to be thought through beforehand, and the auditor needs to be working with the auditee to think about those things beforehand.
IA: I don’t have to work nearly so hard auditing that Vietnamese facility at this point. Now they are all prepared. They know that I will ask them to take pictures, so they have two cameras charged, and the internet is be at peak efficiency, and the like.
EG: As we’re hopefully getting to the point where worldwide travel will commence once again post-Covid, do you think that there will be some of those people that will say, “Well, we want to go back to doing it the old way, we want to fly in auditors and have you here.” Or has that gone for good?
IA: I don’t want to make a guess on it, but I hope we will accept some saving on unnecessary travel if we can achieve the same goal, which I think we can. If some people want to go back to old habits, I think a lot of perfection that has been gained in this art based on science will be lost; actually, we should think of improving it more. Maybe a cyclical approach would work? After three or four remote audits, one could be done in person. I see no reason why any logical, objective person knowing the purpose of an audit would choose a more expensive option when the less expensive alternative is just as effective.
EG: From the perspective of kaizen, in many cases that would be considered overprocessing, I suppose.
IA: I agree. There are always special cases, though. If you are doing an audit of a nuclear facility, you probably want to go and see them. But for everyday audits, I say, use your discretion. I do not say across the board, but most of the audits you can do remotely.
EG: May I ask you a little bit about training? What lessons do you pass down to people that you train?
IA: I think the greatest asset I add to my training is a lot of hands-on work. Why? Because the training must result in competence.
It is the wisdom of ISO 19011 that the standard does not say retain records of training; instead, it says to retain records of competence. Knowledge and competence are not the same thing. You may be knowledgeable and not competent, and you may be competent but not knowledgeable. The two have a bearing on each other, but must be distinguished.
I have toured many universities and I notice that they have set up their own processes, even for lead auditor training. But their instructors are generally professors, not practitioners. Their graduates may earn MBAs that will enable them to have great, important, meaningful careers, but do those university courses teach them to properly gather inputs? I am talking about the check stage of the PDCA cycle. In my opinion, this is the greatest weakness in the PDCA cycle, because top managers don’t understand what objective auditing is all about. Auditing looks at the process and inspection looks at the product or service.
Again, this is why the training QMII offers is hands-on. It is designed to help students achieve competence.
EG: Auditing requires some very specific abilities: technical knowledge, people skills, organization. It’s a good career. Given that set of facts, how do we recruit people to come into this industry to replace those of us that will be retiring in the next few years?
IA: This is a question which has concerned me many times. I did the management system for Saskatoon University in Canada. On the side, I told them I would be happy to deliver free lectures to their students on the process-based management system approach, which is my specialty.
But are kids in high school even aware there is a career like this? No. They grow up and start working and maybe pick up information about quality along the way, or somebody encourages them to pursue quality. When they are in school, they may want to become a pilot, or join the Navy, or be an engineer, or work at NASA. How many of them want to get into quality? Probably zero.
Quality just isn’t noticeable enough to reach out to those at an impressionable age and prove that this is a good career. We have to be able to reach out to schools and explain what quality is about. The PDCA cycle is running everywhere in life. Everyone is complying to ISO 9001 without knowing it.
Every leader who says, “Oh, there was a failure… it is an individual’s fault and you didn’t consider all the risks” is just blaming culture. The moment you see someone blaming individuals instead of considering system failures, it is an indicator that a good system is not in place. As Dr. Deming said, “A bad system will let down a good person every time.” And I will give you Dr. IJ’s corollary: “A good system will enable even an absolute nincompoop to manage for a very long time.”