Scott Parsowith is an Exemplar Global-certified ISO 9001 lead auditor and the current president of Lions Quality International who is attempting, unsuccessfully, to retire.
Previously, he was the director of quality for the CCL Label Pharmaceuticals division, manager of quality at Bethlehem Steel for high-liability products (such as nuclear power plant reinforcing bars) and projects (such as the Alaskan Pipeline), and an instructor of quality management systems at Penn State University.
In this conversation, we chatted about quality and auditing in the time before ISO 9001, his views on the place of risk within quality management, and his advice for how to succeed as an auditor today and tomorrow.
EXEMPLAR GLOBAL: How and why did you begin auditing quality management systems?
SCOTT PARSOWITH: I graduated from Columbia University with a bachelor’s degree in metallurgy and started a job with Bethlehem Steel in 1976. In the course of time, I worked my way up to quality manager and metallurgist and received a lot of training in the quality field. I supervised the quality manufacturing processes for the Northern Tier Pipeline. It’s better known as the Alaskan Pipeline, and products are still running through it. It was X70 steel pipe with a PSI exceeding 70,000, so the quality systems really needed to be excellent.
Through my career I attended a lot of training, and I thought it would be very useful to share that knowledge with the American Society for Quality, both locally and around the world. I was one of the first people in United States certified to audit against ISO 9001 back in the late 1980s.
Fairly early in my career, I started doing part-time instruction in the evenings at Penn State University centering on quality management and quality auditing functions. Many of my students came from Caterpillar, Harley-Davidson, and others within heavy industry. As ISO 9001 evolved following its initial publication in 1987, I was given the opportunity to provide a lot of input to the framers of the standard. I also trained many auditors through Quality Management International, a training firm for lead auditors. In 1995, I wrote a book called Fundamentals of Quality Auditing, published by Quality Press. When Bethlehem Steel very sadly went out of business, I formed a group called Lions Quality International, where we trained, consulted, and developed quality systems internationally.
In addition, in 2006, I joined a company called CCL Label, where I worked my way up through the ranks until I was made director of quality for their pharmaceutical printing division. We had seven facilities in North America, at which I was responsible for the quality systems as well as internal auditing, external auditing, and the auditing of our supplier base. I still consult for many firms, and although I don’t do much publicity, I have helped a lot of companies achieve certification to ISO 9001. So, as you can probably tell from all that, I’ve lived and breathed quality throughout my career.
EG: That’s quite an impressive background.
SP: Actually, I forgot to mention something else which I think is important. I helped write one of the first auditor qualification exams for the American Society for Quality. ASQ locked us in a room for many weeks and we ended up publishing 155 questions for that exam. It was intended to make sure that the auditing profession was uniform and consistent, and we really worked hard to make sure that we included the right criteria for the right reasons.
EG: How did one assure quality in the pre-ISO 9001 world?
SP: That’s a great question. Most of the companies I was dealing with in the 1980s were using a military standard, MIL-Q-9858, published by the U.S. Department of Defense. Few of those organizations had much in the way of written documentation at the time, although they tended to be very robust on internal quality processes. ISO 9001 caused people at these organizations to realize not only that they needed to get their processes documented, but that there was value in that effort. So, there was a certain amount of acceptance to ISO 9001 as well as some significant resistance to it. My philosophy has always been that quality and productivity should work hand in hand. Therefore, my approach to getting any organization to accept ISO 9001 and become certified to the standard was always along the lines of, “OK, you’ve adopted these systems. Now let’s get consistency, and the only way to achieve that consistency is through documentation.”
That was my take on it. A lot of companies that resisted the standard at the beginning, quickly saw the beauty of it and its 20 elements, which I like to call the “20 Elements of Utopian Quality Control.” They had the systems to begin with and we were trying to achieve standardization. Quality systems are based upon a written procedure that people must follow along with what we might call the “finesse.” It’s an art and a science, and if we can get the art to become a science and the science to become an art, that’s when we get consistency, productivity, and quality systems and quality management to work together.
We were dealing with high-liability outputs, such as those produced by the naval nuclear industry and heavy manufacturing, such as Harley-Davidson. We found it extremely important to properly document all systems to achieve consistency. To do that, we interviewed numerous people regarding the best practices for each shift and got them all talking and debating with each other. We then documented best practices.
That provides you with a sense of what quality was like before ISO 9001 and during the time the standard was being adopted on a large scale. There was a lot of independence, and there was a lot of art around, but quality management wasn’t necessarily a science. That’s what we brought to the table and that’s what ISO 9001 brought to the table. It forces organizations to look at themselves and say, “OK, well, fine, now we know the art of how we manage quality, but have we made it a science?” After they’ve considered that, they need to think about writing it into a document, training people, working with people to come up with best practices, documenting those best practices, and auditing against those best practices to make sure that the quality systems are above and beyond what the standard requires.
EG: Listening to you talk about the origins and early adoption of ISO 9001 makes one think about the nature of risk in the standard. Risk-based thinking was, of course, made overt in the 2015 version of the standard, but was the need to assess risk inherent in the ISO 9001 before then?
SP: It absolutely was NOT new in 2015. I believe it came in when ISO did away with the warehousing standard, ISO 9003, the language of which moved to ISO 9002 before finally being fully incorporated into ISO 9001. The 20 elements of quality management always had risk assessment and the plan-do-check-act cycle within a theoretical framework, but ISO 9001 brought it to light more. The 2008 version of the standard really brought in the concept of risk assessment before the documentation piece came out in 2015. It was interwoven into the early military standards because military personnel were insisting that processes be done right the first time, with a minimum of waste and no accidents.
When I was with Bethlehem Steel, I attended a meeting with high-ranking members of the U.S. military regarding the manufacture of shell casings. All of us at Bethlehem Steel were seated on the right-hand side of the table and the military people were sitting on the left. One of the top generals in the country at the time walked into the meeting; we didn’t know who he was but everybody on the left-hand side stood up immediately. At that moment we were going over the standards for military shell casings, talking about very detailed specs. This general just said, “I just want you to make it right and not kill any of our people.” And then he walked out of the room. So that was the standard, and that set the levels of appropriate risk. When you realize that you’re producing something or training people on how to make something, whether it’s ammunition shells or the bearing on a car or reinforcing bars for nuclear power plants, you need to do it right. Everything involves a risk, even for a company making shirts.
EG: Most every process has a failure mode that could, conceptually at the very least, kill someone.
SP: Yes. There’s a risk to everything that we do, and companies wouldn’t be in business a long time if they fail at assessing and mitigating critical risks. They may not even be all that dramatic but are still of major importance to the business. Let’s go back to the shirt-company example. If the sleeves don’t align where they meet the shirt, although it probably won’t hurt anybody, it doesn’t look right, either. There’s a risk there to the company’s reputation, to its ability to remain in business.
So, everything involves a risk assessment. That translates as the need to do your process right the first time and follow the plan-do-check-act cycle. ISO 9001 and the other key ISO management system standards, again, applied a level of science and rigor to the process. I think many companies were somewhat reluctant to embrace ISO 9001 at the beginning because they thought it was going to be something like a trade war, in that failing to be certified meant that the organization would be unable to work with such-and-such company or in this-or-that country. It turned out to be more of a learning experience, and even a legacy, for many organizations. For so-called “Mom-and-pop” companies, as an example, certification to a standard like ISO 9001 could help keep the business running in the event that someone, perhaps one of the founders, passed away. That way, the tribal knowledge about processes and procedures is properly documented and kept alive within the organization, and they can stay in business for many years to come.
Some of the best quality systems that I have audited use what I call the internal pre-assessment, which I’d like to share with the auditing and manufacturing communities, if I may.
EG: Go right ahead.
SP: This assessment is intended to get companies ready for a third-party audit of ISO 9001 or any other standard. I’ve been using it for many years because it helps break down the barriers between production and auditing. Auditing and productivity should work hand in hand and come to some agreement about best practices and the potential gains of having a standardized program. For some of the companies that I worked with, management really had most of the answers. When a third-party lead auditor comes in, that auditor is looking at the auditee’s processes from 20,000 feet in the air. But who knows the house better than somebody who has been living there? When you go to sell your house, an inspector comes in to see what might be wrong. You’ve been living in your house for many, many years. However, you know where all the problems are; it’s just a matter of which problems you want to fix and how you can fix them in the most cost-effective manner possible.
What I implemented for organizations wishing to get ISO 9001 certified is a pre-audit checklist in which upper managers were assigned the responsibility to do the assessment themselves for their departments. I would ask in a very straightforward manner: “How do you do this?” and then match up processes with the various elements of the standard. I gave them that pre-audit assessment so that the organization could rate themselves from 1 to 10 on each element of the standard. Because we had gotten top management buy-in from the beginning, those top managers would give the assessment to the supervisors and managers responsible for those processes. They would then have a month to respond by indicating how compliant they were with the language of the standard.
When I reviewed the responses, sometimes I would read things like, “I don’t know what you’re talking about,” so I would train that department. Sometimes we would get a lot of fours and fives from the respondents, which meant that the area needed work. More important, top management knew that the area needed work. Sometimes we would get all nines and tens, which meant that those working in that area thought they had a great system in place. And that was a good start, even though when I followed up a couple of months later with my independent audit, I validated the true state of play, which showed them where the issues were. After that, they generally agreed that there were more problems than they had realized at first.
This process helps categorize the highest risk of failure by department. It makes clear what units are doing well, and which need more training.
EG: Given all you’ve seen in your time in this field, what advice would you give to people just starting their careers?
SP: I think they need to be very open-minded regarding different approaches to quality management in general, and not embrace the idea that any particular system is the best. No one system is perfect, but as I’ve mentioned a few times before, the art and the science need to go hand in hand. As auditors, sometimes we get caught up and think, “Well, this is the way that standard says it, so this is the way it has to be.” We often have preconceived ideas, and I’ve seen this numerous times when I was the auditee, and an auditor would come in with what they perceived as the best quality system. The flavor that works for one company may not be the flavor that works for another company. However, ISO 9001 gives you enough latitude to meld the art into the science. For upcoming auditors, it really needs to be stressed that we are always learning, and we can learn from every company that we audit.
When production, manufacturing, quality, management, and auditing are working together, the plan-do-check-act cycle helps drive successful outcomes. But how do we get to that the end point? We need some flexibility to make sure that everything is done properly for the fish tank we’re living in. By that I mean, we have 20-gallon fish tanks and 50-gallon fish tanks, and what may be good in a 20-gallon environment may not necessarily be good for a 50-gallon one. So, you really need to absorb all the training and knowledge available and become a warehouse of knowledge. Learn and communicate. We’re always learning and we’re always communicating. For companies to be successful, we need to control processes, and successful audits help management with that control and thereby drive the right decisions for the right reasons.
EG: That’s so well stated. You’ve really given auditors both old and new a lot to think about.
SP: And here’s another point, if I may: If anyone reading this needs any help, I’m happy to provide it. I retired three years ago, and I love traveling and spending more time with my family. However, I also love talking about standards and working with auditors and auditees, so if anyone would like to communicate about issues you may be having, I’ll always make myself available. I can be reached at firstname.lastname@example.org.