ISO 9001: What’s in it for you?
Why should your company care about ISO 9001?
Let’s say you own (or work for) a small-to-mid-sized business. You know your customers, and what they need. You know how to give them what they want. Some months are busy, and others are slower; but either way you work hard and keep the doors open. Then someone asks you if you’ve certified to ISO 9001. Why should you? What’s in it for you?
There are three answers to that. But first, stop and remember a couple of things.
First, the decision to implement ISO 9001 is a business decision. You want ISO 9001 because you are going to get something out of it. Some small businesses forget this fact, and try to implement a huge system that might look good for General Motors. Don’t make that mistake. All your work should be proportional to the benefit you are going to get.
Second, there is a difference between adopting ISO 9001 internally, and getting a certificate to hang on the wall. To adopt it internally, all it takes is to buy a copy of ISO 9001, read it, and do what it says. All the work is yours. To get a certificate, you have to start with that part too; but then you have to pay an external auditor to assess your operations once a year, and you have to pay a Certifying Body to process that external audit report and issue you a certificate. So getting a certificate costs more than adopting ISO 9001 internally. Is it worth it? You decide that by looking at the benefits, just like you’d make any other business decision.
So what are these benefits? As I noted, there are three of them.
The first is that ISO 9001 gives you an organized way to handle your operations. And mostly it is all common sense, built into a system.
- Know who wants things from you, and what they want.
- Know the risks and opportunities that you face.
- Get the training you need.
- Plan your operations systematically.
- Keep records when you need them.
- When things go wrong, study what happened and figure out how to keep it from happening again next time.
- Decide what metrics or indicators you want to watch, to tell you whether you are on track; then, once you’ve picked them, pay attention to what they say.
- When your metrics show you are off-track, analyze what went wrong so you can get back to where you belong.
And so on.
As I say, when you start to implement it, you find that most of ISO 9001 is based on common sense. You’ll find some requirements that you’ve been following since Day 1, without ever knowing they were in the standard. (For example, if you don’t know who your customers are or what they want, you won’t get far.) And of course you’ll find other requirements you haven’t been following yet—but when you read them you’ll smack your forehead and wonder, “Why wasn’t that obvious to me before?”
There’s a common misconception that ISO 9001 means all your products are flawless. It doesn’t. But it does mean that when you make a mistake you can learn from it. There are requirements in the standard that when something goes wrong, you analyze the situation, find the cause, and then make changes so that cause cannot recur. And therefore the mistake won’t come back. This means that your work might not be flawless, but it is always getting better. Your work this year will be better than it was last year; and next year’s will be better still.
The advantages of organizing your work in a systematic way and learning from your mistakes apply to everyone. You don’t need certification to realize them. The other two benefits are narrower, because they accrue only to companies that get certified.
One benefit of certification builds on what you have achieved in your internal implementation, and supports it. After all, when you adopt any system, there’s always the risk that you end up fooling yourself with it, using the terminology just for show but not applying the principles in a way that really helps you. An external auditor can catch that. External auditors may not know a lot about your business in particular (though they should at least understand your industry); but they have seen countless other businesses over the years and so they have a good understanding of what works and what doesn’t. If you misunderstood some section and applied it in a way that’s not effective and not helping, your external auditor will call it out so you can correct it.
Now, to be clear an external auditor is not a consultant. As long as you are following all the requirements of the standard, it’s not his job to give you extra advice beyond that. Also, an audit involves a sampling of the evidence at your site. The auditor may not see every little place that you fail to conform to the standard, just because some points may not be part of the sample he selected. But when there are important problems—problems that prevent your system from working successfully—auditors always find them. That’s been my experience over many years, and that of everyone else I know. Sometimes it is almost uncanny. And once the system is working well, you’ll find any smaller problems on your own.
The other benefit of certification is that sometimes the market requires it, or your customers do. Obviously this depends on your market and your customers. If you run a hamburger stand, you can implement ISO 9001 (if you want to) but most customers probably won’t care. If you make electronic components, you’ll find it is pretty much mandatory. If you build parts for automobiles or airplanes, you’ll have to certify to larger standards that include ISO 9001 and add on other requirements as well. Many years ago I worked for a small startup, and our largest customer told us we had to be certified by January 1 or they would no longer buy from us. Our CEO explained this to the whole team in an all-hands meeting, and then added, “The absence of alternatives clears the mind wonderfully.”
To recap: The decision to implement ISO 9001 is a business decision; and like all business decisions, you have to weigh the costs against the benefits. Also, you can implement ISO 9001 internally and stop there, or you can push ahead to seek certification. The advantage of implementing ISO 9001 internally is that it helps you organize your operations in a systematic way and learn from your mistakes. If you pursue certification, there are two additional benefits as well: first, the external perspective of an auditor helps keep you honest about what you are doing; and second, some markets or customers require that you be certified before they will do business with you.
Michael Mills, who writes for isoTracker QMS software, has managed quality systems in large and small companies for close to thirty years. He is a member of ASQ and ISO TC 76 and has audited to ISO 9001 since 1996. He blogs regularly at https://pragmatic-quality.blogspot.com/.
Comments (0)
This post does not have any comments. Be the first to leave a comment below.