I am interested in whether the implications of ISO9000 registration differ between companies who seek quality improvements as opposed to those under pressure from customers to attain registration.

I would be grateful for any comments about this subject.

Jackie Eeles

Here are my thoughts.

ANY registration should be a portion of a continuous improvement effort. Registration, in and of itself, does not improve a organizations’ position.

...as opposed to those under pressure from customers to attain registration.

There is a distinct difference between ISO registered and ISO compliant.

I know folks, that you cannot become ISO compliant, just shorthand for here.

Regards,
Don

I think this is pretty self evident - if you force a company to comply, the compliance will typically not be 'significan't - the tenor of the company in general typically will not change. I say 'typically', because some companies do 'get the idea'.

Companies seeking better quality, whether thru ISO9000 or other tools and/or philosophies like TQM are on the track anyway.

Ask your self:

What's the difference between a person (or company) being forced as opposed to a person who wants to do something which is not necessarily popular.

Don stated it well - that latter company (does it to improve) has a philosophy of continuous improvement.

Jackie,

I believe that if you are pressured, you are less likely to embrace the positive benefits ISO can bring. When mandated by the Customer, the suggestion is that you are not running your company well. So if you get ISO Registered, then everything will be fine. Pure imagination.

Organizations who embrace the positive aspects of ISO (as well stated by both Marc and Don) are interested in doing things better and are on the Continuous Improvement course. For that matter, ISO Registration becomes an ancillary benefit since the goal they seek is much higher than that of a documented QS.

Just some of my thoughts. Back to the group...

[This message has been edited by Kevin Mader (edited 04-12-99).]

…because some companies do 'get the idea'.

This is too often rare. Take the QS 9000 mess. Companies are forced to become registered to QS 9000 to supply that market. But, what percentage actually become registered to improve its position and what percentage become registered because they are under pressure from customers to attain registration. I suspect the latter is much higher.

I believe that if you are pressured, you are less likely to embrace the positive benefits ISO can bring.

Sadly, true. With much good stuff in the ‘quality model’ that is ISO 900x, why is so much of its potential ignored? Because organizations fail to see it as a model, they see it as a solution. Bull!

So if you get ISO Registered, then everything will be fine. Pure imagination.

Agreed, pure imagination indeed.

Registration becomes an ancillary benefit since the goal they seek is much higher than that of a documented QS.

Yea, sorta like the icing on the cake.

Just the ramblings of an Old Wizard Warrior.

Regards,
Don

Here's another perspective on the QS-9000 mess, key word being "another" and not necessarily "right" or "good"

Take the QS 9000 mess. Companies are forced to become registered to QS 9000 to supply that market.

It's a lot harder to "fake" Qs-9000 registration than it is to "fake" ISO -9001 registration. By "fake" I mean instituting a quality add-on just to get a certificate. Unlike ISO, QS requires the use of FMEA, control plans, documented continuous improvement, and SPC. There is no doubt in my mind that if QS didn't require (FMEA, SPC, CI, etc..) we (an ISO certified company) would not have them. You can still fake these initiatives, but it soon becomes apparent that you are spending just as much time faking these programs than you would if you gave them due diligence. I will admit that being forced to have them is not the ideal situation, but if we were not forced to institute these programs, they would never be implemented. At first (FMEA, SPC, CI, etc..) these programs were token, but they are now proving their worth. In addition, these programs keep me employed. I'm convinced that a lot of companies would have QC based quality systems if they were not forced by ISO/QS. I bet there's a lot of other quality professionals who are glad companies are forced to get ISO or QS.

Maybe a topic for another forum, but good auditors should be able to distinguish the difference between a good quality system and a fake quality system. IMHO auditors should concentrate on the root cause of the problem: commitment to quality by management. I haven't met too many quality mangers who want (or institute) a fake quality system. Inadequate quality systems are usually the result of the limitations placed on the quality system by the decision makers.

Christian,

Sadly you are right. Too bad. ISO has become transparent. Registrars out for the bucks destroyed a good concept.

Regards,

Kevin

Christian,

Good thoughts. I like ‘em.

As far as ‘mess’ goes, my only thought was to illustrate the difference between voluntary compliance and non-voluntary compliance.

It's a lot harder to "fake" QS-9000 registration than it is to "fake" ISO-9001 registration.

Under the assumption that companies are trying to ‘fake’ registration (there are a lot of ‘em out there), this statement is true. As more opportunities for failure are available, the law (statistics) states that the probability of noncompliance is higher.

At first (FMEA, SPC, CI, etc..) these programs were token, but they are now proving their worth.

I would (have?) considered these programs not token at all, unless the company implementing them thought them as such. I have always found them to be of extreme value (My FMEA course was late 70’s or early 80’s vintage. Cannot remember which. 60’S left overs).

... but good auditors should be able to distinguish the difference between a good quality system and a fake quality system.

Christian, agreed, in part. But, as an assessor (not an auditor), my function is two-fold. Am I assessing against a standard or am I assessing against the company’s readiness? If I am assessing against a standard, my function is to determine compliance (not noncompliance) against that standard ONLY. If my function is to determine a company’s readiness, THEN it is my place to determine their conformance to expectations. The difference between the ‘letter of the law’ versus the ‘intent of the law,’ so to speak. If an organization asks me to assess against ISO 900x, then my function is to determine if they are in compliance, not to determine if they are ready for the next level.

...auditors should concentrate on the root cause of the problem: commitment to quality by management.

I disagree here. An assessor’s job is to determine compliance within the scope of the audit, no more, no less. Root cause analysis is not an assessor’s function. The scope is the key. If the client requests additional details as to readiness, then that is outside the scope of the assessment, which may, or may not, constitute a conflict of interest. Perhaps I am wrong!

Too bad. ISO has become transparent. Registrars out for the bucks destroyed a good concept.

Kevin, I agree in part. I see and hear all the time of things that registrars should or should not do this or that. But, I would hesitate to clump them all in one bunch. As anyone who have read my writings know, I have no (none) love for the current process, but it is all we have (and I definetly do not like the RAB set-up). I would LOVE to see a system that regulated all registrars against some set of metrics that would level the playing field, so to speak.

Any volunteers?

Just the ramblings of an Old Wizard Warrior

Don,

I'm sitting on my hands. Just to clarify, I did not mean to suggest that all Registrars are guilty, or share equal guilt, in letting the standard become transparent. I was making reference to the group who place $$ in front of the good of what the standard represents. I guess you could say that all things are likely to experience fallout of this sort, so realistically, none of us should be surprized. Still, my optimistic indifference can occasionally be replaced by my pessimistic cynacism.

Back to the group...

I'm sitting on my hands.

Why? All opinions welcome.

I was making reference to the group who place $$ in front of the good of what the standard represents.

Yea, I see your point. I have no love for the current registration process in general and the RAB in particular. The registration process has been bastardized into a money making machine, in which, IMHO, the RAB shares blame (key word share). When I first started the ISO thing (circa 1991), it was OK, but now I am completely skeptical about it. Too old and too many years, I am afraid.

Still, my optimistic indifference can occasionally be replaced by my pessimistic cynacism.

Good. It is well to have balance.

Regards,
Don

Don,

I guess I am sitting on my hands (not volunteering) to be the regulator of the registrars. I see too much work. Unfortunately, since I am not part of the solution, I might be part of the problem (did I also mention that I am occasionally the hippocrit?). Well, hopefully somebody will rise to the challenge. Then, atleast, I will be able to through my support somewhere. You (and Marc I believe) have said it, shared blame amongst registrars and consultants that lose focus and are consumed by the $$, or false claims on results. Fortunately, I think ISO is recognizing this, so I am interested what the future brings (perhaps the assumed responsibiity).

Well, the weekend is almost here, so enjoy it and we will chat again Monday.

Regards,

Kevin

I also believe that a lot of companies that claim to have a quality system but insist they don't need certification do not in fact have a working system.

I spoke to one CEO who said if they needed a better quality system they would just buy one like they did last time.

Michael,

Been there, seen that. It could be taken a couple of ways though, so I am thinking that you are speaking to the point that the CEO figures the concept behind ISO is worthless. This is the case I have seen. And it is done to purely satisfy a Customer need, not to build a Quality Product or Service.

Are you product or service related by the way?

Regards,

Kevin

I spoke to one CEO who said if they needed a better quality system they would just buy one like they did last time.

I would tend to agree with Kevin in his perception of the CEO. It is, in fact, a common one. Generally, they can be broken into three categories:

Trophy Hunters who want the registration only (probably a Customer Requirement as Kevin stated).

Trophy Killers who see ISO 900x and an integrated portion of a complete systems management method.

Those in between.

I also believe that a lot of companies that claim to have a quality system but insist they don't need certification do not in fact have a working system.

I agree in part. Typically, companies forego registration for some good and some not-so-good reasons.

For example:

There are some firms that base their systems on standards modeled after ISO 9001 (FDA, for example). They have the system in place that would be in compliance with the FDA (thus in compliance with ISO 9001) but do not want the expense of registration to ISO when the FDA will determine compliance through inspections. ISO registration may not add additional value. Management would be satisfied that the system is working and in place, thus the expense of another third party is avoided.

Many small firms have systems based on and in compliance with ISO 900x, but registration costs may be prohibitive. The may choose to self-declare compliance through an independent third party assessment without actually becoming registered. Typically, this assessment process would be less than $500 per year. Or they may rely entirely on their internal audit system. The former is preferred.

There are others that claim ISO 900x compliance without any peer review. These would be questionable as to effectiveness and motivation. There are both good and not-so-good that fall in this category.

And finally, there are those registered firms whose quality systems are worse than any of the above, but maintain registration anyway.

Regards,
Don

Kevin,

Too much time on Cayman Systems or sitting on your hands? But, certainly,- it's a mess!

Allow the system or group of people to VERIFY
the intend and promise of ISO/OS 9000, in my opinion is a good idea.

Back to the group,
Mike

Hey Mike,

I forgot to call you back. I'll do that right after this post.

You are right on the intent angle, every system different, some close to each other, others quite distant. QS9000 becomes more direct in how you satisfy points within the standard/requirements, but otherwise, left to the folks of an organization to weave within the framework of their program/system.

Regards,

Kevin

A "Blast from the Past!" Contemporary comments?