By Julius DeSilva
ISO 9001 certifications have seen a decline during the past two years, per data from the International Organization for Standardization (ISO). Some say the standard has gotten too complicated with the introduction of organizational context, risk-based thinking, and the removal of mandatory documented procedures. Even a few of my company’s clients have considered letting their certification lapse because conformity to the new standard was perceived as too complex.
To certify or not
Let’s begin by looking at the purpose of ISO 9001. The standard provides a framework for organizations looking to put in place a system that will enable them to consistently deliver products or services that meet their customers’ requirements and enhance their satisfaction. ISO 9001 certification is external validation that the system meets the requirements of ISO 9001. However, ISO 9001 allows organizations to use the standard and self-declare conformity without incurring the cost of certification. Many argue that there is no value in doing this. This is probably correct if you are implementing a system to meet a contractual or customer requirement. In these cases, certification is a requirement.
Waning trust in the system
Organizations that implement ISO 9001 for the benefits it will deliver in improved productivity, reduction in process waste, and management of risks have seen the bottom line improve with time. (Guasch, L. J., Racine, J.-L., Sanchez, I., and Diop, M., Quality Systems and Standards for a Competitive Edge, World Bank, 2007.) If implementing the standard enables consistent quality, why then the reluctance? Perhaps the trust in the ISO 9001 certification process has declined over time. Often have we heard from quality managers of the challenges faced when they raise nonconformities in internal audits. These are often viewed as finger-pointing exercises because the certification body has already audited and “cleared” (i.e., certified) the system.
We have also heard from clients of certification bodies and auditors wanting to view documented evidence of organizational context, stakeholder needs, and risks. However, the standard does not require these to be documented and leaves it up to the organization to determine the risk of not doing so. Some auditors, however, struggle with auditing undocumented systems and auditing to the new standard. (Fonseca, L. and Domingues, P., “The Results Are In,” Quality Progress, Oct. 2017.) As a result, organizations start documenting their systems for the auditors and certification bodies, which results in a system tailored for auditors and forced on the organization. Auditors are meant to provide inputs to top management to help them make better decisions; instead, auditors and audits now have become the product. The standard’s intent to act as a preventive tool gets lost in this compliance process. The system must be designed for employees, not for auditors.
Supplier audits
During the past two decades there have been several mergers and acquisitions leading to larger multisite organizations and (perhaps as a result) a reduction in certifications. As these organizations have grown, and maybe in part owing to the declining trust in the certification system, they have decided to conduct their own supplier audits. As such, suppliers have chosen to let their certifications lapse because they are nevertheless being audited by the customer and that is the audit that really counts for them.
Supplier audits are more focused on the customer contractual requirements. Organizations that perceive ISO 9001 as a documentation burden will then document only the parts of the system to meet contractual requirements rather than to meet the organization’s requirements based on ISO 9001. These organizations fail to see that ISO 9001 leaves the extent of system documentation up to the organization and often perceive the standard as requiring everything to be documented.
Conclusion
Although quality does matter, and customers are still looking to receive a quality product, oftentimes incorrect interpretation of the standard leads many to forgo ISO 9001 certification. At times other certification requirements, like CE marking, may be more desired and certification to two standards burdensome. In that case, ISO 9001 certification gets the boot.
Organizations looking to gain the benefits of a quality management system need not reinvent the wheel. ISO 9001 provides the framework that essentially reflects business 101. If you don’t need ISO 9001 certification, then you can self-declare and let the doubters come and assess your system for themselves. In the meantime, you will still gain from a well-implemented management system. Remember, you already have a system that has brought you this far; align ISO 9001 to your system, and not your system to ISO 9001.
About the author
Julius DeSilva is a senior vice president with Quality Management International Inc. A former merchant marine officer, he has assisted organizations of varied sizes across a wide spectrum of industries implement process-based management systems conforming to ISO and other standards. He is well versed in the following standards: maritime safety/security, aerospace, environmental, supply chain security, and quality. He teaches, consults, and audits in these disciplines, including process improvement and leadership-related topics. DeSilva received his MBA from the Darden School of Business, University of Virginia. He is a PECB-certified ISO 9001 lead auditor and is a member of the Nautical Institute.
This article first appeared on the Quality Digest website and is published here with permission.
The basic premise of Quality = Certification and the decline of Certification = A decline of Quality is incorrect.
Decline in certification has nothing to do with decline in Quality.
Organizations are establishing methods to ensure product and service quality that enhance customer satisfaction that are more in line with customer and industry requirements vs. ISO requirements.
Some of the major causes of decline in certification can be traced to the certifying bodies failure to deliver service quality to enhance client satisfaction, in numerous areas, including planning and auditor competencies.
Well stated. In my view the fault for declining interest in ISO 9001 rests entirely on the registration bodies. There has been a failure to up sell ISO Management standards as risk mitigation tool. Board rooms ought to be pushing this. Up selling would command a higher fee and thereby the ability to engage auditors with a true sense of business. It is embarrassing the things that transpire during an audit and the “value added” notions that many auditors believe they bring to the table. Not to fault them, they are doing the best they can with their limited ability for strategic perspective on a business operation.
Good information, ISO 9001 consultants in Philippines ISO 9001 tremendously benefit your business, profitability and advantage, similarly as give marketing ISO Certification in Philippines.
ISO 9000 was an obvious crock from the beginning. As a quality manager in a very profitable shop I did not see it as useful. Back then the term ‘bureaucratic burden’ was not part of my vocabulary now look at all the pointless paperwork. The owner said we had to get registered because our big customers were pushing it. During this time those same customers started pushing SPC and nobody in the shop thought that would improve quality so we filled out the charts in the beginning of the shift and carried on. These two schemes created a quiet pervasive ‘dysfunctional compliance’. The stats were dummied up to get 1.33 Cpk, then 1.5 Cpk, and then 2.0 Cpk. The audits were another exercise in creative writing. The 3rd party auditors had no manufacturing experience and their findings reflected their dismal observations. The whole crock can be summed up as, ‘any fool can make a rule and every fool will follow it’.
Most auditors, I agree, have never run businesses successfully using the standard, and is enmeshed with their organization’s desire to earn and get clients. Strategic planning, for one, is something they cannot audit if they were never a part of an organization that practiced it.
Sad, but the standard is a framework for running the business, and the results are what you measure. It’s a first step to Baldrige.
Why blame the tool , if the user is not using it for intended purposes?
Thanks for sharing a knowledgeable post.
ISO 9001 certification has always been a scam.