An ISO Consultant Reveals Ten Myths and Legends of ISO Certification
What can you compare the job of ISO Consultant to? Occasionally, it seems a very strange job, running an ISO Consultancy. There are parallels with being a vicar, priest, or miscellaneous other minister of religion. Now, I wouldn’t say that being an ISO Consultant is a holy calling of The Almighty. However, in trying to interpret rules and standards from “on high” to a practical, workable scheme of things, like ISO 9001, and getting folks to embrace it in their daily working lives, there are great similarities.
And then there are the continual challenges of common misconceptions. Put simply, “myths and legends” that don’t really have much to do with the true essence of what ISO Standards are all about. Here are ten of them:
1. You can tell a good Quality/Environmental/Health and Safety System document by its weight/thickness.
No. “Less” is often “more”, providing it makes a difference to your business. It helps you meet your business objectives. Usually, concise systems are more effective. Because people are more likely to read, understand, and follow them.
2. Implementing an ISO based system, such as ISO 9001, is a major project and means you have to change the way you run the business.
Generally “No”, but there are usually a few things to be changed. All companies have “processes” , even if these aren’t documented. A good ISO-Based Quality Management System should be written around how you already do business, not consist of alien practices inflicted to get you through the certification. Your business is unique, and the ISO system needs to be based around that uniqueness. Protecting, nurturing and helping it grow. In short, it’s purpose is to support and formalise the good bits of what you’re already doing well, rather than impose badly-fitting bureaucracy.
3. The Quality/Environment/Health and Safety Manager is responsible for Quality/Environment/Health and Safety, and lives in their own world. Meanwhile, the rest of us get on with running the business profitably.
No. This might be acceptable if we lived in a world with no fines for breaking laws, and accidents never happened. However, in this area there are very serious implications for non-compliance. So ideally, there shouldn’t be anybody in an organisation whose operations aren’t affected by them. In successful companies, with well-designed ISO systems, no-one should be able to notice that they are actually working to a standard. They should truly be part of “business as usual”. It’s safer (and cheaper) that way, too.
4. All these quality systems are just government bureaucracy and don’t do anything for the business.
This is closely related to myth three (above) Although backed by governments internationally, properly-written business-focused standards should help, not hinder companies. A good Quality Management System should help you be more efficient and consistently meet your customer’s requirements. Environmental health and safety systems, although protecting your staff and surroundings, should also help you avoid large fines, some of which could be large enough to threaten the whole future of your business. Properly-implemented, they should lead to contented customers, more efficient activity, and better business.
5. Quality systems are really just about controlling documents. Therefore, if in doubt, sign everything.
Perhaps in the past, quality systems in particular were over- focussed on documentation. But changes over the last 10-15 years have aimed them much more at improving effectiveness and efficiency. That said, the control of information within a business remains important, and for good reasons. You can’t manage without documentation, but it should serve the business, rather than the business serving it.
6. We can hide our problems areas. If you manage the auditors properly, you can keep them in the Quality Managers office all day.
Being clever with the auditors and keeping them away from problem areas may be a crafty and useful tactic in the short-term. But if your systems are really any good, then you shouldn’t have problem areas that you aren’t addressing. However, if you do have weak areas, then honesty really is the best policy. If you are taking action to improve things, then auditors should respond positively, and letting them see what you’re doing can be positive for two reasons. Firstly, they know you are committed to improvement. Secondly, having seen lots of similar situations before, they may actually be able to offer advice. This is the “auditor as business improvement consultant” approach, and is highly effective.
7. It’s always best to keep your mouth shut and only give the minimum of information to the auditors.
Yes, but don’t expect to get a lot out of the audit if you don’t put much in. Make some more words up !
8. The auditors are only looking for reasons to fail you.
Funnily enough, in over 20 years’ experience of this environment I’ve rarely found an auditor who just wants to fail people. This is their job, day-in, day-out, and very few people can be so negative for so long. However, if you really don’t get on with your auditor, then change him. If the certification body aren’t helpful with this, then change them too. There are around 120 certification bodies in the UK so you have plenty of choice, and they all take very kindly to people changing from their competitors, so you might even find a lower cost alternative.
9. Environmental systems just increase your operating costs.
An Environmental Management System (EMS), such as ISO 14001, should not be about tree hugging and love for little furry animals. It’s no longer a PR-friendly “nice-to-have” marketing tool, but should be make very sound business sense. And why? Breaking environmental law now has very expensive consequences. It could even be enough to push you into liquidation. Ignorance of the legislation affecting your operations is no defence, so having a good environmental system which is properly maintained should keep your business lawful, and you out of jail. Yes, and I really do mean “jail”
10. If you get one well written set of risk assessments, then you’ve addressed your Health and Safety requirements, and the staff can carry on as normal with their everyday jobs.
Health and safety systems are now a commodity like most other things. If you just want some risk assessments then you could buy them in. But the value of such systems is in them being applied to real business life. Do you really want your staff knocking holes in walls without checking if there are mains cables hidden in the plaster, or driving stacker trucks without being trained ? Health and Safety isn’t a matter of documentation. It should be a matter of practice, though documentation and records are, unfortunately, required.
If you’ve read this far, then you’ve got a good idea of how I work.
Hopefully, you will get some idea of the challenges of being a ISO Consultant. There is an art in keeping compliance and business success in tension, which involves large amounts of both technical comprehension and hard-won common-sense. After over twenty years in the industry, and having advised many types and “flavours” of enterprise, I suspect that I may have at least a few things to offer to your organisation. And I’d be happy to “bust” a few more myths that I’ve not mentioned here.
So, if you need more plan-speaking from an ISO consultant, please be in touch!