Shifting Mindsets: From Tick-Box Culture to Strategic Management Systems

By Wilson Fernández

Introduction

For small and medium-sized enterprises (SMEs) and organisations seeking to implement and certify their Management System Standards (MSS), the journey can often feel overwhelming. With limited resources, competing priorities, and mounting customer or tender expectations, the temptation to take shortcuts is strong. Yet, certification pursued without strategy, leadership buy-in, and internal capability often leads to systems that exist on paper but fail in practice.

This article shares insights and practical guidance for SMEs and other businesses planning to implement and certify to MSS such as ISO 9001, ISO 14001, ISO 45001, or similar standards. It explores the common pitfalls, exposes industry behaviours that compromise long-term success, and provides a clear roadmap for building resilient, value-adding systems.

The Pitfalls of Consultant-Driven, Template-Based Systems

Many organisations engage external consultants to build their MSS. While not all consultants are ineffective, a significant number take a paperwork-heavy, template-driven approach. They populate generic documents, present them as customised systems, and walk away once certification is achieved. This often leaves internal stakeholders confused and disengaged.

The consequences of this approach include:

Non-value-adding documentation
Poor process alignment
No internal ownership
Disengagement post-certification
Frustration at leadership levels due to wasted investments

Understanding Why MSS Certification Fails to Deliver Value

The core issue lies not just with consultants, but with business owners and leaders who:

View MSS as a marketing tool or tender requirement
Believe certification is a one-off effort
Delegate the entire system to a single coordinator or consultant

This mindset leads to underinvestment in training, poor integration of MSS into business operations, and systems that stagnate or fall apart after the consultant leaves.

Refining Leadership Mindsets: Who Is Responsible?

Changing this mindset must start at the top. The responsibility is shared across:

Business Owners and CEOs: Must lead by example and understand that MSS is strategic, not administrative
Board of Directors: Should ensure MSS performance is reviewed at governance levels
Operational Leaders: Need to be engaged and accountable for how systems support daily work
Internal Champions: Quality, IMS, or HSE Managers must facilitate awareness and promote internal capability
External Facilitators: When engaged wisely, they can offer neutral, value-adding guidance

The Right Approach to MSS Implementation and Maintenance

To build an effective MSS, organisations should:

Appoint a Senior Executive Sponsor to oversee system implementation and performance
Conduct MSS Leadership Awareness Sessions to educate top leaders on risks, opportunities, and obligations
Start with a Gap Analysis: Conduct a structured assessment covering processes, products, services, and statutory & regulatory requirements. Involve process owners to identify current versus required practices
Treat MSS as a Strategic Project, Not a Technical Task: Assign a project leader from senior management. Develop a project charter, timeline, resourcing plan, and change management strategy. Engage internal stakeholders early to ensure systems reflect real operations
Embed Ownership at All Levels: Use the RACI model (Responsible, Accountable, Consulted, Informed) | RASIC model (R – Responsible, A – Accountable, S – Support, I – Information received/processed from R or S, C – Consulted) to define clear roles. Avoid centralising accountability solely to a manager, coordinator, or consultant
Invest in Awareness and Training: Deliver MSS awareness programs for leaders and teams at all levels and locations. Upskill internal auditors and operational teams—not just for certification, but to drive real improvement
Align MSS with Business KPIs: Integrate MSS metrics into business dashboards. Use audit results, risk indicators, and improvement actions as strategic insights
Formalise Consultant and Software Selection: Document evaluation criteria. Pilot tools before full implementation, with user feedback. Note: Select consultants carefully based on industry experience, coaching ability, and proven outcomes
Audit for Value, Not Just Conformance: Focus on effectiveness to ensure conformity, compliance, and continual improvement. Use appropriate tools to evaluate quality, safety, security, and applicable S&Rs
Conduct Regular Management Reviews: Include trends, risks, performance metrics, and improvement priorities. Use the reviews to drive accountability
Plan for Post-Certification Sustainability: Build a three-year MSS roadmap. Resource internal audits, training refreshers, and system updates. Ensure top management / Leadership team takes ownership through active participation in reviews, audits, and decision-making
Don’t Chase Certificates—Build Competence: Let certification be the outcome of good practice, not the goal. Focus on building a culture of quality, safety, and accountability

Selecting the Right External Consultants: A Critical Decision

Hired external consultants and professionals must not be selected on face value alone. Organisations must:

Carefully check their professional background
Verify industry experience aligned with the task at hand
Assess their reputation through references or industry networks
Request a resume or CV before committing to a business deal

Choosing consultants based solely on the cheapest quote is a high-risk approach. While it may occasionally work, in many cases it leads to wasted investment and superficial systems. A thorough evaluation process is essential to ensure the consultant brings long-term value and not just a quick fix.

Ethical Considerations: Consultant and Certification Body Relationships

It is increasingly common to observe consultants who either work for, or have strong networks with, certification bodies (CBs). In some cases, contracted consultants also act as auditors for CBs. These serious concerns about ethics, impartiality, and conflict of interest as outlined in ISO 19011.

Even if such consultants do not directly participate in audits for the clients they consult for, their associations often help CBs gain new clients through informal channels. This can result in smoother initial audits and accelerated certifications that may seem impressive but lack depth.

Organisations must be cautious of these tactics. Certification may be achieved, but it is long-term system performance and sustainability that truly matter. A quick certification, gained through backdoor networking, holds no real value if the system fails to deliver over time.

Equally concerning is the behaviour of some organisations that pursue certification solely for commercial reasons. Their objective is to “tick the box”—regardless of quality, risk, or improvement. This creates a toxic environment for employees or professionals tasked with maintaining the MSS. When leadership has no genuine commitment to the purpose and principles of the system, maintaining it becomes demotivating and futile.

These are real pitfalls observed across industries and must be acknowledged when planning MSS development and certification strategies.

False Solutions: The Misuse of Off-the-Shelf Software Tools

Some organisations, especially when chasing tenders, marketing credibility, or business expansion, rush into MSS certification without understanding the true requirements. In such haste, they often turn to off-the-shelf or online software solutions that claim to address multiple standards (e.g., QMS, EMS, WHS, ISMS).

Sales executives promoting these software packages use persuasive tactics and present the product as fully “compliant” with ISO standards. However, this usage of the word “compliant” in the MSS context is misleading. MSS compliance is not about software—it is about process, people, purpose, and performance.

These tools, while potentially helpful when used correctly, are often purchased without involving the internal MSS professionals or understanding:

The actual MSS requirements
Organisational process maturity
Risk, gap, and context evaluations

As a result, organisations find themselves with a system that looks good on screen but fails in practice. The software becomes a distraction rather than a solution, and leadership wonders why the MSS isn’t working.

This short-sighted purchase leads to:

Poor process integration
Misaligned roles and responsibilities
Inability to evaluate or manage real risks
No ownership of outcomes

Organisations must avoid these traps by consulting MSS professionals before investing in tools and by focusing on long-term system development, not flashy digital interfaces.

Resourcing MSS: A Non-Negotiable Commitment for All Organisations

Immaterial of the organisation’s size, type, or sector, developing and implementing a Management System Standard must be properly resourced and supported by management. It’s entirely possible to operate a lean structure, but that does not equate to under-resourcing or neglect. Initial hire of external consultants and experts may establish the foundation, but long-term success depends on internal commitment and the provision of adequate resources.

This issue is particularly prevalent in SMEs, where leadership may underestimate the need for ongoing system maintenance. The consequence? System deterioration, audit failure, workplace incidents, near misses, inferior product and service quality, or missed business opportunities. Therefore, leadership must assure:

Long-term resource planning for MSS
Internal capability building for continuity
Management oversight for continuous improvement

The Hidden Barrier: Trusted Advisors with Tick-Box Mindsets

A common blind spot arises when trusted senior advisors — such as CFOs, COOs, or long-standing partners discourage meaningful engagement with MSS due to their commercial focus. These individuals may:

Resist investment in systems
Delegate all system activities
Treat certification as a task, not a transformation

How to Recognise This Scenario: Few examples

Lack of leadership participation in audits and reviews
Budget resistance for MSS training or improvements
Recurring issues that are closed on paper but not in practice
Staff disengagement or high turnover in quality roles
Overreliance on consultants with no internal ownership

Certification should not be pursued to satisfy short-term commercial needs but as a long-term strategy to build trust, reliability, and performance excellence

Conclusion: From Certification to Transformation

Organisations–especially SMEs–must move beyond the mindset of “achieving certification” to “embedding systems that drive excellence.” This shift requires intentional leadership, internal engagement, and smart use of external support. Trusting advisors is good–but blind reliance on commercially-focused voices who downplay MSS can be costly.

Certification is not the destination. It’s the beginning of a journey towards building a resilient, conforming, compliant, and continuously improving organisation.

About the author

Wilson Fernandez is an experienced Management Systems Leader, Auditor, and Quality & Safety Professional with a global career spanning across engineering, manufacturing, automotive, infrastructure, and service industries. With deep expertise in ISO-based and industry-specific standards, he has successfully led initiatives in Quality, Health & Safety, Environmental, and Risk Management systems. Wilson has conducted hundreds of audits worldwide, applying process-oriented approaches and driving continual improvement.

He is passionate about sharing practical insights, highlighting regulatory responsibilities, and simplifying complex systems for real-world application. Through his articles, Wilson aims to raise awareness, build robust systems, and foster a culture of responsibility, safety, and quality across businesses of all sizes.

This article first appeared on Wilson Fernández’s LinkedIn page and is published here with permission.

The Auditor

An Exemplar Global Publication