Why do so many ISO 9001 Implementation Programs Fail?

Sidney Vianna

Post Responsibly
Leader
Admin
Many people believe that ISO 9001 should be categorized as a business management system standard, rather than a quality management system document. The word quality, in their opinion, confuses the users of the document and make it for a harder engagement with top management of the organization. In this very forum, I have had numerous exchanges with very clever and knowledgeable people on this subject. So, let me be as clear as I can, from the outset: I still believe that ISO 9001 (and all the other Industry sector augmentations, such as AS9100, ISO 13485, ISO/TS-16949, TL-9000, etc.) are appropriately classified as Quality Management System Standards.

The proliferation of other discipline-specific standards, such as ISO 14001 for Environmental management, OHSAS 18001 for Occupational Health & Safety management, ISO 27001 for Information Security management, ISO 22000 for Food Safety management, ISO 28000 for Security management, ISO 50001 for Energy management, etc. just prove the point that there is much more for a business to manage, other than quality. Even ISO 9001 in itself is not the end-all, all encompassing model for quality management. When we realize that ISO 9004 addresses many additional aspects of a high-performing quality management system, not touched upon by ISO 9001, we should reach a conclusion that ISO 9001 is a relatively unsophisticated approach to quality.

I have been in the management system conformity assessment business for over 20 years and acted in many different roles, such as a lead auditor, instructor, business developer, account manager and trainer, I have had the chance to work with hundreds of organizations, over these last two decades. From very small mom & pop shops to Fortune 100 organizations. From organizations in the very early steps of their quality journey to Malcolm Baldrige Award winners. From high tech to low tech to no tech. Irrespective of size, maturity, industry sector, ownership, etc., most organizations struggle with an effective implementation and maintenance of a quality management system. Most quality professionals report significant challenges in getting and maintaining top management connected to the QMS, interested, supportive and involved. Many organizations have a difficult time making a business case for maintaining ISO 9001 (or any other QMS standard) certification when economic hardship sets in. Most quality professionals resent the fact that other departments and functions don’t buy in and support ISO 9001 implementation. Why is that?

Folks, there are several reasons for this to happen, but, by and large, the primary culprit is the misunderstanding of how ISO 9001 should be implemented. Going straight to the point, most quality programs fail because organizations don’t understand the difference of managing of quality and managing for quality.

Managing for quality is the concept that the organization business processes are designed, maintained and improved to incorporate proper quality principles and practices. So, quality and customer satisfaction become the natural result of running the organization’s business processes. Managing for quality requires that each process owner will ensure their processes have the appropriate requirements for effective and efficient quality, environmental, occupational health & safety (to name a few disciplines) embedded in the process. For example, a New Product Introduction Process (which is a key process for many organizations) goes across several departments and functions and transcends the requirements of ISO 9001 section 7.3. But, instead of developing, maturing and improving the NPI process, what do many organizations do? They have a procedure to comply with 7.3 of ISO 9001. Instead of someone at the Engineering function being appointed as the NPI process owner, someone in the quality function will be responsible to baby-sit the organization for compliance against 7.3. There are tremendous implications in the different approaches. While the first approach promotes process ownership by the appropriate individuals, the second approach promotes the unsustainable path of someone from quality “policing” other departments (such as Engineering) to ensure they go through their necessary steps of planning, input, review, output, verification and validation. Such path is ineffective and can not be sustained over time.

Any organization has business process to operate. The key for effective and sustainable ISO 9001 implementation and certification is to make ISO 9001 INVISIBLE to most people working there. Comply with the standard(s) by embedding the applicable requirements into the business processes. That is the way to do it. Conformance with voluntary standards should be similar with compliance with legal requirements: it should happen as a natural deployment of a process that was designed to comply with the law. The operator on the shop floor should not be required to know the law(s) (such as FDA, EPA, OSHA, etc.). S/he should simply be required to follow the established process.

So, why don’t more organizations experience this epiphany? Unfortunately, in many cases ISO 9001 implementation and certification is misperceived by top management, as something that the quality folks can do in isolation and “in absentia” of the rest of the organization. And, in many cases, the quality professionals “tasked” with ISO 9001 implementation and certification are not proficient either in “business-process-language”.

So, in summary, I contend that if you want to have an effective ISO 9001 conforming QMS, make ISO 9001 invisible to most of the workforce. A few people should be aware of the requirements, in order to ensure that the business processes comply with the standard, but most of the workforce should not have to be exposed to ISO 9001, just like most people in a company are not trained in regulatory and statutory legal requirements which must be adhered, by the organization.

Comments, anyone?
 
Last edited:

Jen Kirley

Quality and Auditing Expert
Leader
Admin
Re: Why do many ISO 9001 implementation programs fail?

I have met many, many people whose view of their world is defined by their perceived role and expectations placed upon them. These people understand their fields very well, but resist the suggestion to stray into someone else's field - in my case that means "quality is for QA people."

With such people the business case will be about outcomes, not about how they achieved the outcome - unless they want to focus on failure to achieve. Research on failure to achieve will tend to be based on tangibles: things that can be counted or inspected. Expanding the investigation into "how we do stuff" and why we do the things we do is a kind of voodoo medicine, subject to suspicion because it's so poorly understood.

Too often expectations don't include enough about "how we do stuff" but that the countable or inspectable outcome is produced. When this happens people aren't encouraged strongly enough to form good discipline in revision control or process tools like FMEA/MSA. When the organization rewards people based on countables/inspectables and not "how we do stuff" we may make wonderful product but be among the worst companies to work for. Groups are not working in sync with each other; technical top performers may act like tyrants within their groups. Bad behavior is tolerated because "He/she really gets results."

All of that is often hard to detect because again, people tend to have a narrow view. They will focus on things within their specialty and less so on impacts on their internal customers in dependent or downstream processes.

Standards are supposed to provide a framework so that all of this gets addressed. However, very often the elements are viewed as a list of requirements and a good deal of effort is expended to ensure those requirements don't intrude on what it is they really think they should be doing. That effort ranges from simple willful ignorance to maintaining a dual set of processes: one is a "dog and pony show" while the other one, which actually produces the outcomes, is favored and maintained.

I have also seen lots and lots of people who are poorly assigned roles. We hire/assign people based on what we expect out of the job, not about what the person is best positioned to deliver. They may not be given resources to do the job well, or they may not feel enough concern to press for resources, or they might not have (or believe they have) enough authority to press for these resources.

Lastly, though it should be listed first, we very often have a top management team that doesn't understand these things and how they work together to form dysfunction, or believe they should understand.
:2cents:
 

Jim Wynne

Leader
Admin
Re: Why do many ISO 9001 implementation programs fail?

While I agree wholeheartedly with the idea of doing away with "ISO" systems as you suggest, the problems are far deeper and much more intractable than just misbegotten implementation.

When it first became evident that Japan was doing a much better and faster job of new product introduction, the response wasn't to emulate, it was, by and large, a simple and simplistic acceleration of everything. It seems that the thought was that we could do it just as well as the Japanese, we just had to do the same things we had been doing, but faster. Big mistake.

The result has been demands on the part of OEMS for supply chains to get "leaner" and for price concessions from suppliers, while expecting suppliers to do more work in less time. The general idea of APQP as a conscientious practice has gone out the window because OEMs (in all industries) are demanding lightening-fast turnarounds on RFQs, and devil take the hindmost. If you're a job shop owner you know that if you don't accept a job almost blindly, that someone else will, so you have to take your chances.

Then there's the problem of OEMs talking out of both sides of their mouths. They nibble away at quotations until there's practically nothing left, opting for the cheapest way out they can get, and then complain bitterly when their "strategy" backfires. Case in point: in quoting a job for a zinc-plated metal stamping, the initial quote includes charges for rack plating. The customer balks at the price, and is told that the parts can be barrel-plated, but the process isn't as controllable as rack plating, and some small percentage of defectives is almost inevitable given the quantities involved. "Give us the barrel plating," they say, and all is well until the first defective piece appears on their production line, and then they go into "zero defects" mode and demand corrective action and completely refuse to listen to reason. The amount of money that's wasted every day over this kind of stupidity is staggering.

American manufacturing, in general, is designed to force things through the system as quickly as possible, at the lowest possible price (never mind cost), and everyone is so busy doing the work of three people (Moe, Curly and Larry) that things like ISO 9001 just become more meat for the sausage grinder.
 
Re: Why do many ISO 9001 implementation programs fail?

The key for effective and sustainable ISO 9001 implementation and certification is to make ISO 9001 INVISIBLE to most people working there.
Absolutely! That's why both of my ISO 9001 implementations have worked so well. The only part of our quality system where we regularly consult the Work Instruction is our Product Development Control Process, because we are working the investigation and development toward a set of very specific deliverables (e.g. specifications, cost, etc.)

The rest of the company is doing what they do (and in most cases what they've always done) and, since it is compliant, we just documented the processes. Oh sure, we've got a few new things, like a formal corrective action system with a tracking database (stop making the same mistakes over and over), a strict approved suppliers list (stop buying the cheapest part from cheapest supplier regardless of quality or legitimate origin), and tight control of drawing revisions (stop building to incorrect, incomplete or misleading prints, we revised it for a reason). However, all of these things that weren't compliant before our registration effort were costing us a fortune in doing things a second time that could easily have been done correctly the first time, except nobody was sure what "correctly" was.
 

ScottK

Not out of the crisis
Leader
Super Moderator
Re: Why do many ISO 9001 implementation programs fail?

While I agree with most of what you write, I disagree that it should be invisible to the general populace.
My experience with leading QMS implementations is open communication and active participation with some level understanding of the what's and why's at every level of the company is a necessity.
This has been particulary important in the companies where I've worked that must follow cGMPs or EU directives because it provides a reason for doing things consistently or in a cartain manner other than "because it's what management tells you". "Because Daddy says so" is not effective with kids and it's not effective with adults either, it teaches nothing.
Giving "the people" a basic understanding allows them to take greater ownership in what they do and ultimately allows them contribute to improveing their processes in reasoned manner.

Yes, you can do all this with or without a standard or even showing the standard to most people... but people want a flag to follow. I think standards and regulations help provide that flag to the leader of the effort - whether it's implementing or continuing improvement.
Don't make it invisible... make the QMS easy to compljy with, but toot your horn and give your people something to celebrate when you get or maintain your various certification/registrations.

Now keep in mind I work in small-medium companies where I can get a whole shift of a facility together in a large lunch room for training and Q&A's... might be another story in a larger corporation.
 

Sidney Vianna

Post Responsibly
Leader
Admin
Re: Why do many ISO 9001 implementation programs fail?

"Because Daddy says so" is not effective with kids and it's not effective with adults either, it teaches nothing.
In my experience, people will follow the processes when they realize that they are the organization's way of running the business. They pay my wages. As long as I work here, I should follow their process. I think it goes beyond "because daddy says so". Irrespective of ISO 9001, organizations that don't have process definition and discipline are, for the most part, ineffective.
but people want a flag to follow. I think standards and regulations help provide that flag to the leader of the effort - whether it's implementing or continuing improvement.
The problem with that concept is the fact that this "flag" becomes the quality assurance flag because ISO 9001 is a quality management system standard. So, other functions in the organization don't see that flag as their flag nor something they should preoccupy themselves with.
 

howste

Thaumaturge
Trusted Information Resource
Re: Why do many ISO 9001 implementation programs fail?

This has been particulary important in the companies where I've worked that must follow cGMPs or EU directives because it provides a reason for doing things consistently or in a cartain manner other than "because it's what management tells you". "Because Daddy says so" is not effective with kids and it's not effective with adults either, it teaches nothing.

To me, using the directives as motivation is like saying "because BIG Daddy says so." They don't motivate people to do things better any more than management ordering them to do it.

Also if managers tell people to do things one way, then reward them for taking shortcuts, the louder message they hear is that they should cheat when they're not being watched.

In my view, people should be doing things consistently and properly because they have been shown that they achieve consistently good results that way - and leaders need to reward the right activities.
 

Colin

Quite Involved in Discussions
Re: Why do many ISO 9001 implementation programs fail?

Wow Sidney, this should have been a post for those long winter nights, it could be a long one! Great question but I would want to clarify what you mean by 'fail'. If the intention of an ISO 9001 project is to change people's whole attitude towards the way they work (culture?) then I agree that most projects fail but if the objective was to put a better structure in place for achieving quality then I think many do work.

Don't get me wrong, I agree that there is a long way to go any many clients I audit have a 'paper thin' approach to retaining certification (witness their internal audits and management reviews) but having that certificate gets them work so how can that be a failure?

As for keeping ISO 9001 invisible to the masses (I think I can see your tongue firmly in your cheek there), there are many people driving cars who don't have a clue as to what is under the bonnet/hood (forgive the English) but they can use their car successfully each day. However, they can only call for help from a specialist if something goes wrong. This is where I define the difference between being trained to do something as opposed to be educated to understand something.
 
J

JaneB

Re: Why do many ISO 9001 implementation programs fail?

Gosh, Sidney, what an excellent post!

When we realize that ISO 9004 addresses many additional aspects of a high-performing quality management system, not touched upon by ISO 9001, we should reach a conclusion that ISO 9001 is a relatively unsophisticated approach to quality.
Yes, it is. Really, it's just quite basic good practice on the whole.
And how well you delineate the difference in approach, between developing and maturing the processes needed by the organisation (such as a New Product process) vs having someone in the quality function 'baby-sit the organization for compliance against 7.3.' And you're right that such an approach isn't effective and cannot be sustained.

Indeed, as a consultant, I've sometimes been inclined to weep when I see how poorly ISO 9001 has been 'implemented' into some organisations and that they've clearly been forced by some misguided idiot into doing such things and told that they 'have to' in order to comply. They usually, down the track go one of two ways: figure out it has to be better and improve it, or give it up as just too onerous and of no or little business value.

I tend to agree about making the requirements largely invisible. I certainly don't want everyone to have to march around knowing all the terminology! Why should they have to?


A few people should be aware of the requirements, in order to ensure that the business processes comply with the standard, but most of the workforce should not have to be exposed to ISO 9001, just like most people in a company are not trained in regulatory and statutory legal requirements which must be adhered, by the
Agree.

To me, using the directives as motivation is like saying "because BIG Daddy says so."
No, I don't buy that. Part of being an employee is following the rules and the requirements. It's not a matter of Big Daddy, it's a matter of 'here's how we want it done'. If people hear/see 'Big Daddy' in this, I suggest that's to do with either personal viewpoints and/or the culture of the organisation itself. Sure, an organisation could take the 'don't ask why, just do it!' approach. But they could equally take the approach of 'good question, I"m happy to explain why we do it this way' one too! Which they favour will be because of the management style in favour in the company and, equally important, the culture of the organisation itself

if managers tell people to do things one way, then reward them for taking shortcuts, the louder message they hear is that they should cheat when they're not being watched.
Er yes, but that's a different topic to me. Whether this occurs or not has to do with the culture of the organisation - those beliefs or principles that it actually practices not just the ones it espouses in theory. It's not got anything to do with the Standard itself.

people should be doing things consistently and properly because they have been shown that they achieve consistently good results that way - and leaders need to reward the right activities.
Now there, I fully agree with you. :yes:

I agree that there is a long way to go any many clients I audit have a 'paper thin' approach to retaining certification (witness their internal audits and management reviews) but having that certificate gets them work so how can that be a failure?
Perhaps it's a failure in that it could have been oh, so much better?

there are many people driving cars who don't have a clue as to what is under the bonnet/hood (forgive the English) but they can use their car successfully each day. However, they can only call for help from a specialist if something goes wrong. This is where I define the difference between being trained to do something as opposed to be educated to understand something.
True. But to continue the analogy, does one really need to have everyone mechanically trained enough to get under the bonnet/hood and fix the motor if it fails? Is it really necessary? I'd argue not.
 

Colin

Quite Involved in Discussions
Re: Why do many ISO 9001 implementation programs fail?

Perhaps it's a failure in that it could have been oh, so much better?


True. But to continue the analogy, does one really need to have everyone mechanically trained enough to get under the bonnet/hood and fix the motor if it fails? Is it really necessary? I'd argue not.

Ahh yes, continual improvement ....! now there's a topic that warrants further discussion under this thread.

Quite agree Jane, we don't want everyone tinkering with the motor but it would be nice if they could clearly explain the symptoms if something goes wrong.
 
Top Bottom