And on top of that, I've read that these committees are dominated by consultants. Actual end users are hardly represented which is a shame. Actual end users wouldn't have come up with memes like COTO and Risk Based Thinking. Consultants like vague concepts because then companies have to hire them just to interpret what something like Risk Based Thinking actually looks like in practice. I'm sure this is just one of many conflicting interests that are contributing to the declining numbers of 9001 registrations.
You have a point. As someone who has been part of a national "mirror" (ANSI) TAG developing ISO standards, I can attest that the process is very "political", with a lot of influencing done in the fore and backgrounds. Yes, consultants are a significant stakeholder representation in the committees, but also the industry representatives from large corporations, so there is representation from organizations using the standards. The one demographic that is very little represented in such committees are the SME's (small and medium size enterprises), for obvious economic reasons. Nevertheless, it is important to know that, in my experience,
most of the people participating in the national TAG's and the TC are well intended, experienced, competent people, who aim to develop good documents; unfortunately, some of the strategic directions they work under are decided by people in their ivory tower bubbles, distant from the real world where the
rubber meets the road auditee meets the auditor. So, the disconnect happens, but not necessarily at the committee level.
Further, another huge blunder that I forewarned here, many years ago, had to do with the disconnect between conformity assessment practices and the management system standards. As ISO made profound changes to their MSS's making requirements less granular and less prescriptive, the world of conformity assessment was not prepared for the shift; in Auditing 101 we all learn that, to a good extent, auditing is verifying conformance to requirements. Easy, as long as requirements are clear. When requirements become undefined, auditors need to be re-educated and if I am an auditorsaurus, with 40 years of hardware inspection as my resume', my system thinking skills might be not on par with the new reality of HLS-driven standards.
I think ISO CASCO was derelict not realizing via a no-brainer risk based thinking exercise
and reacting to the new audit context and developing and deploying enforceable new guidance and direction to the management system auditing community. The (broken link removed), as helpful as they might be, are not really mandated and only a small percentage of the auditing community even know they exist.
I hope that the last round of the ISO Survey with it's very disappointing numbers (for ISO 9001) are a wake up call and some visionary people finally realize that change is necessary, both at the standard development and the associated conformity assessment/certification levels. Otherwise, the decline will continue, despite the fact that Business, Trade and Society at large will always need to build trust and confidence in it's supply chains.
Let's remember this: if ISO 9001 and ISO 9001 certification was an answer/solution, what was the question/problem being addressed?
How to have trust and confidence in a supplier's ability to fulfill orders, consistently? This is a perennial business challenge which
will never go away. If the current methods are not working, we need to figure out why and re-engineer the solution.
