Is ISO 9001 Cresting? Is a rebellion in the works?

[potdar]

I have not voted in this poll. In my assessment the standard is good. Few practitioners are good. Rest are either dumb, careless, or dont even care two hoots about it. They are happy to have a certificate on the wall. Like JaneB I too dont work with such people. So, QMS consultancy today forms a small fraction of my workload after six years spent working full time as a third party Lead auditor with one of the leading CBs.

The registrars are the worst culprits. They have commercialised the whole issue and turned it into a milch cow. The mentality is "If I dont certify you or if I withdraw your certificate, someone else will certify you and milk you for years to come. Oh, every once in a while you have to come back for an audit. So why someone else, I might as well do it. Rather, I will be a fool to not do it."

Thats why the customers are fast losing their belief in the value of the certificate. And when second party audits start gaining strength, third pary audits will start weakening. Its not a question of "IF" anymore, just "WHEN".

The situation might improve only if the accreditation bodies and the MLAs tighten their act and start disqualifying Accreditation bodies. Frankly, I dont have many hopes to see that day.

 

[56flh]

Very well said Jane.

 

[Paul Simpson]

Anyone got a long rope and a low beam?

Whilst I sympathize with some of the views in the post I, for one, would rather be on the inside of the tent peeing out than outside, peeing in.

I have not voted in this poll. In my assessment the standard is good. Few practitioners are good. Rest are either dumb, careless, or dont even care two hoots about it.

I am sure you meant to exclude Covers from this general statement ..

They are happy to have a certificate on the wall. Like JaneB I too dont work with such people. So, QMS consultancy today forms a small fraction of my workload after six years spent working full time as a third party Lead auditor with one of the leading CBs.

The registrars are the worst culprits. They have commercialised the whole issue and turned it into a milch cow. The mentality is "If I dont certify you or if I withdraw your certificate, someone else will certify you and milk you for years to come. Oh, every once in a while you have to come back for an audit. So why someone else, I might as well do it. Rather, I will be a fool to not do it."

A highly cynical view. As a representative of a registrar/certification body (albeit part time) I can only say there are some organizations out there who try to do a good job:

• Assess organizations who want certification for the right reasons
• Certify only those organiszations that deserve it
• Work with existing customers to ensure standards are maintained and they continually improve - as required by the standard
• Take certification away from those that do not subscibe to the spirit of the standard

Thats why the customers are fast losing their belief in the value of the certificate. And when second party audits start gaining strength, third pary audits will start weakening. Its not a question of "IF" anymore, just "WHEN".

I hope you are not advocating a return to second party certification. Not only is it a huge drain on resources (if it is to be done properly) but it is also a duplication across the industries and, from someone who had to work through it many years ago, the quality of the assessment is totally down to the quality of the assessor and at least in third party certification you can complain when the assessment is wrong!

The situation might improve only if the accreditation bodies and the MLAs tighten their act and start disqualifying Accreditation bodies. Frankly, I dont have many hopes to see that day.

I presume you mean disqualify certification bodies. I can agree with this statement but you only have to look at what has happened with ISO TS 16949 - it is not always the quality of a certification bodies work that decides if they keep the business but the amount of it that counts.

 

[potdar]

As a representative of a registrar/certification body (albeit part time) I can only say there are some organizations out there who try to do a good job:

• Assess organizations who want certification for the right reasons
• Certify only those organiszations that deserve it
• Work with existing customers to ensure standards are maintained and they continually improve - as required by the standard
• Take certification away from those that do not subscibe to the spirit of the standard

.

I am happy you still get to work with such institutions. I only lament the fact that they are getting crowded out by the more commecially minded people.

I may tell you here that many of us auditors here passionately advocated the view that there was a good place in the market for a CB with "reliability and conscientiousness" as its USP. That we should not dilute it and stick to it. The response was "Maybe, but I would rather be alive tomorrow than dead with people saying that guy was a good man."

Net result: Over a period of a year, there was an exodus of long serving and industry respected auditors. They didn't want to work as rubber stamps.

I hope you are not advocating a return to second party certification. Not only is it a huge drain on resources (if it is to be done properly) but it is also a duplication across the industries and, from someone who had to work through it many years ago, the quality of the assessment is totally down to the quality of the assessor and at least in third party certification you can complain when the assessment is wrong!

I dont advocate it. I just see it coming back. It is very much on the horizon. And now, people are smart enough not to waste resources on the effort. They outsource it.

I presume you mean disqualify certification bodies. I can agree with this statement but you only have to look at what has happened with ISO TS 16949 - it is not always the quality of a certification bodies work that decides if they keep the business but the amount of it that counts.

Exactly. The volume. The $$$$ that come with it. As someone who still refuses certification, even disqualifies, I would ask for your take on what % of organisations certified for TS would really qualify if they came to an agency like yours.

 

[Paul Simpson]

I am happy you still get to work with such institutions. I only lament the fact that they are getting crowded out by the more commecially minded people.

Don't misunderstand me - my organization is as commercially minded as the next. We have just decided that to be in business in the future you have to make sure your product meets market requirements. That means our certification has to say something about how our customers operate their business. Without that you are chasing the cheap and cheerful end of the market.

I may tell you here that many of us auditors here passionately advocated the view that there was a good place in the market for a CB with "reliability and conscientiousness" as its USP. That we should not dilute it and stick to it. The response was "Maybe, but I would rather be alive tomorrow than dead with people saying that guy was a good man."

Glad to hear it! Perhaps there is an opening in your market for us to work together There is only one way of guaranteeing you have no future and that is to chase the bucks and degrade your product by thinking you can fool the market - Enron anyone?

I dont advocate it. I just see it coming back. It is very much on the horizon. And now, people are smart enough not to waste resources on the effort. They outsource it.

Again not sure where this new and improved 2nd party assessment is coming from, and how the users of this service are going to get it better than it was before which was at best patchy and at its worst downright criminal!

Exactly. The volume. The $$$$ that come with it. As someone who still refuses certification, even disqualifies, I would ask for your take on what % of organisations certified for TS would really qualify if they came to an agency like yours.

Probably about 100% Seriously the Tier 1 automotive guys will do exactly what is needed to obtain and maintain the "ticket" if I come in and identify significant issues they will move heaven and earth to fix it - they just might prefer an easier ride to carry on supplying. Similarly with the OEMs they would like an effective audit of their supplier base but they also want to carry on using existing suppliers as far as possible. Squaring the circle is a great one for the OEMs and they have ways of bending the rules if they want to keep you on board.

 

[Sidney Vianna]

Don't misunderstand me - my organization is as commercially minded as the next. We have just decided that to be in business in the future you have to make sure your product meets market requirements. That means our certification has to say something about how our customers operate their business. Without that you are chasing the cheap and cheerful end of the market.

Paul, great to see you back and active here, again.

The conundrum for the 3rd party certification industry has been exposed and debated in oh so many ways and oh so many times. Unfortunately, the vast majority of the certification bodies only perceive their immediate customers as the ones to please. That is why so many undeserving certificates have been awarded and exist. A few CB's realize that the actual users of their certificates are not the certified organizations themselves, but THEIR customers (in case of a quality management system certificate). These few CBs understand that, in order to be sustainable, the process has to add value to the customers of the certified organization. Failure to do that COULD result in a resurgence of second party audits, with all the dysfunctions it brings.

Earlier this summer, I was a lecturer at a Workshop aimed at the US Aerospace Auditors performing audits under the Industry Controlled Other Party process for AS9100 audits. The message coming from the Regulatory Bodies and OEMs to 3rd party aerospace auditors was:

Get tough, no soft grading of NC's!

I have a feeling that if the CB's involved with AS9100/9110/9120 audits don't shape up (collectively), we might see something like in Automotive, where the OEMs stopped relying on the AB's and created an entity to approve the CB's directly - IATF.

The competitive nature of 3rd party certification requires a strong policing and feedback mechanism, in order to keep the system in check. Unfortunately, in my personal opinion, the accreditation bodies are not effective enough in policing the market, and the actual users of the certificates, are ignorant, oblivious or too lazy to demand that the certificates being issued MEAN something.

 

[potdar]

:Get tough, no soft grading of NC's!

I have a feeling that if the CB's involved with AS9100/9110/9120 audits don't shape up (collectively), we might see something like in Automotive, where the OEMs stopped relying on the AB's and created an entity to approve the CB's directly - IATF.

The competitive nature of 3rd party certification requires a strong policing and feedback mechanism, in order to keep the system in check. Unfortunately, in my personal opinion, the accreditation bodies are not effective enough in policing the market, and the actual users of the certificates, are ignorant, oblivious or too lazy to demand that the certificates being issued MEAN something.

Only, IAOB and its kin are likely to be equally ineffective till they actually start derecognising some registrars and start setting examples. The CBs need a message in totally uncertain language to or else.

Paul

Your CB is welcome to India. I would love to work with them. Except, if they already have an office here, I know I dont hold a very high opinion of them

 

[Paul Simpson]

Paul, great to see you back and active here, again.

Thanks, Sid. We have had a hard few months moving the headquarters of the certification body I work for, thankfully successfully. For my sins I got the IT job among others and it was a lot more involved than at first thought - 'twas ever thus. Few other changes including a new website etc., etc. www.cmlsira.com if you want to have a look!

The conundrum for the 3rd party certification industry has been exposed and debated in oh so many ways and oh so many times. Unfortunately, the vast majority of the certification bodies only perceive their immediate customers as the ones to please. That is why so many undeserving certificates have been awarded and exist. A few CB's realize that the actual users of their certificates are not the certified organizations themselves, but THEIR customers (in case of a quality management system certificate). These few CBs understand that, in order to be sustainable, the process has to add value to the customers of the certified organization. Failure to do that COULD result in a resurgence of second party audits, with all the dysfunctions it brings.

Absolutely right! There are two tiers of customers - the direct customer and we do have to serve them by providing a quality service and an assessment process that is all clear and above board. Oh and at the right price and with flexibility they need!

Our customers customers have a different set of demands but they're not that far apart - it's not in their interest to have a potential supplier turned down for registration if they have good quality systems but they don't want to be buying from a supplier with a certificate only to find out that the systems are worthless.

Earlier this summer, I was a lecturer at a Workshop aimed at the US Aerospace Auditors performing audits under the Industry Controlled Other Party process for AS9100 audits. The message coming from the Regulatory Bodies and OEMs to 3rd party aerospace auditors was:

Get tough, no soft grading of NC's!

I have a feeling that if the CB's involved with AS9100/9110/9120 audits don't shape up (collectively), we might see something like in Automotive, where the OEMs stopped relying on the AB's and created an entity to approve the CB's directly - IATF.

I accept the purchasers don't want registrars soft peddling on NCRs but by the same token messages like these from the aerosace guys have an unfortunate habit of getting misunderstood by some auditors - next thing you know little details are being raised as NCs, minors become majors and auditor opinion gets sway over factual based decisions. Sounds like how I remember second party audits.

The competitive nature of 3rd party certification requires a strong policing and feedback mechanism, in order to keep the system in check. Unfortunately, in my personal opinion, the accreditation bodies are not effective enough in policing the market, and the actual users of the certificates, are ignorant, oblivious or too lazy to demand that the certificates being issued MEAN something.

There is an opportunity for all parties in the process to sharpen up their acts. Perhaps there has been too much focus on getting registered and not enough on design of system. The all or nothing asect of assessment to certification doesn't help IMHO.

 

[Sidney Vianna]

messages like these from the aerospace guys have an unfortunate habit of getting misunderstood by some auditors - next thing you know little details are being raised as NCs, minors become majors and auditor opinion gets sway over factual based decisions. Sounds like how I remember second party audits.

Indeed, we have a risk of that happening. Many 3rd party auditors might misunderstand the message. On the other hand, the ones that uncover substantial management systems pitfalls and write the issue up might be booted out by the customer for making them work hard to keep the certificate. After all, the path-of-least-resistance CRBs are well represented in the Aerospace Sector... A few influential people in the Aerospace ICOP System are starting to realize that issue. For the time being, they have not yet thought how to solve the dilemma. If only they asked me...

 

[JaneB]

The registrars are the worst culprits. They have commercialised the whole issue and turned it into a milch cow. The mentality is "If I dont certify you or if I withdraw your certificate, someone else will certify you and milk you for years to come. Oh, every once in a while you have to come back for an audit. So why someone else, I might as well do it. Rather, I will be a fool to not do it."

Thats why the customers are fast losing their belief in the value of the certificate.

Interesting - this hasn't been my experience at all. In fact, to the contrary. I've been in this field for many years now, and those certifiers/registrars I've come across have cared about working to make a difference, to assist businesses to improve what they were doing, and wanting to contribute. Indeed, some of the people I've met have said that if they could choose to do anything, & had independent income, they'd still do what they're doing now -helping businesses understand quality and do things better.

Commercialise? Well, I don't have a problem with the registrars making money - that's what business is about, and they can't do it for nothing. But I do expect clients to get value for money.

Thus, I've assisted clients to switch to another registrar when they weren't getting competent or valuable audits or the level of service they had a right to expect and demand, and each time the client has been pleased with the results. And I've complained about auditors on behalf of a client (only with client permission of course) on some very rare occasions when the performance of the auditor was quite unacceptable. Again, on every occasion it has improved things for the client.

I usually enjoy seeing auditors at work - and I always enjoy watching, and learn from, a really skilled one! Only recently I had a lengthy & very fruitful encounter with an auditor from a large certifier in this country. And was impressed with his wise approach in a somewhat ticklish situation, as well as his enormous enthusiasm & passion for improvement and for quality, which matched mine. And he's been auditing for many, many years! The client in question has 9001 certification and is also doing Six Sigma - we both saw them as complementary.

I wonder if experiences vary in different countries? Also, of course, we're talking only individual experience here, rather than hard data.

There is only one way of guaranteeing you have no future and that is to chase the bucks and degrade your product by thinking you can fool the market - Enron anyone?

Exactly so (and great to see you back, Paul).

When I think of changes to wish for, I wish that clients were better informed of the actual role of the registrar, so that they could, when necessary, demand better service and reject auditors (or certifiers!) of poor standard / over-rigidity / throwbacks to 1994 mode etc, without worrying that this would rebound on them, or that the auditors would get 'em back, etc. And I wish that more people could understand and see how a good auditor can add enormous value to an organisation.

But I do aim for, hope for, look for and work for things to improve. If I couldn't do that and had lost hope of anything ever changing in the field, I wouldn't stay in it. Because how on earth could I promote a Standard including requirements for continuous improvement to my clients if I didn't believe in, and practice that, myself?