What is ISO 9001 Certification and how does it relate to Product Quality?

[Arise]

So basically you're telling me the only thing I need in place are a couple of procedures and documents and that's it. Then I have to pretend that I'm doing something to improve and depending on the mood of the auditor, he will require that I do a lot or he may feel that a couple of small steps are already enough and given that nothings defined I can't even argue with the auditor, except get someone else with his/her own moody opinion. :mg:

Well, if that's the case then that would explain the general perception that ISO certification doesn't mean much. But that would really suck, why not use customer requirements as a defined goal that must be met, wouldn't that be a lot better and less arbitrary ?

 

[Patricia Ravanello]

Good Morning Arise,

I think you're oversimplifying and exaggerating the realistic scenario of ISO certification.

1) Yes you need to document your system...other than the compulsory processes, you decide from what additional documented processes your company would benefit....and map out those processes, to ensure consistency in training and understanding, as well as compliance to ISO and customer-specific requirements.

2) This isn't a "Pretend" game...you have to do what your documents state, as well as monitor and measure the effectiveness and efficiency of the processes, analyze the data, perform Management Review, and identify corrective and preventive action/continual improvement, as well as communication of performance back to interested/involved parties. You're not doing it for the auditor, you're doing it because it makes sense.

As Big Jim said earlier...it's like the rules of a game. ISO is intended to create a common methodology for System Management. It helps ensure that all businesses are operating from a common base of reference.

3) In post No. 14 above, I wrote...

The auditor is auditing that your SYSTEM complies with:

a) respective Standards (as applicable...ISO 9000, ISO 14000, etc. )
b) Customer-specific requirements​

Customer requirements are definitely a measure of performance, and many customers set defined objectives for quality, timing, delivery, and service performance, just to name a few, but those aren't the only measure of a company's compliance. Their entire system is expected to run effectively and efficiently. There will be many yardsticks by which to measure their success, and it is up to Senior Management to define those requirements throught the Business Plan. There is no pretending.​

Having said all that, I understand your frustration with the auditor and the "documented system". Not all auditors are created equal, and neither are the systems.

You're observation and comments are telling..."ISO certification doesn't mean much"...and in some instances, may even be accurate. I'm sure many contributors here have their own ideas of how this "perception" of ISO has evolved. Much of it relates back, as you've stated to the whims of the auditor performing the audit...and yes there can be a vast difference between two documented systems, both of which have been "certified". These inconsistencies and broad variations contribute to the perception that the documentation doesn't matter...depending on your auditor.

ISO is not just a banner to wave...it's a business methodology. It's effectiveness is definitely dependent on it's individual "parts", and not just the end product...otherwise, I would have to think that product quality is really more a serendipitous event than a planned and controlled process.

I understand your frustration and disposition on this sensitive subject...I'm sure you'll get more feedback on this from other contributors.

It's good that you keep challenging the concept...understanding and accepting it is the first step to successful implementation.

Patricia

 

[AndyN]

So basically you're telling me the only thing I need in place are a couple of procedures and documents and that's it. Then I have to pretend that I'm doing something to improve and depending on the mood of the auditor, he will require that I do a lot or he may feel that a couple of small steps are already enough and given that nothings defined I can't even argue with the auditor, except get someone else with his/her own moody opinion. :mg:

Well, if that's the case then that would explain the general perception that ISO certification doesn't mean much. But that would really suck, why not use customer requirements as a defined goal that must be met, wouldn't that be a lot better and less arbitrary ?

Wow! Do you think that Certification Bodies would have continued to exist since the late 1980's if they and their clients adopted such an approach? Are your comments intended to be serious?

It's true to say that there have been some auditors that have been superficial in their evaluation of quality systems, but that isn't the exclusive domain of Certification Bodies - some Purchasing organization Supplier Quality auditors have done the same long before ISO certification became an option!

A good CB auditor will not only use the ISO 9001 criteria to audit, they will also consider customers and regulatory requirements.....

May I recommend that you attend some internal auditor training? You'd get a much more effective perspective on the whole process...

 

[Qwatcher2]

The ISO standard requires you to have processes in place to address these issues. If you have nonconforming product, you must have a procedure to address hou you are going to handle, investigate and disposition this. If you have customer complaints you should have a corrective action process in place to address the process for investigating the issue, determining what the short term action and what the long term action is to prevent recurrence of the issue. ISO does not prevent nonconforming product. It ensures you have processes in place to react appropriately to the nonconformances and also to improve your processes. The interna audit process evaluates the processes in place to determine if you are "doing what you say you do the way you say you do it" and are looking for areas for improvement. Look at it from a business perspective not a Product perspective. It is a business management system not a quality inspection system.

And yes, you can get and remain certified as long as you have the systems in place to appropriate measure, react and respond to the nonconformances and customer complaints.

To your example, if management has evaluated the equipment and determined that the cost (ROI) does not outweigh the cost of dealing with the nonconfromances then they can choose to react to the nonconformances instead of purchasing the equipment. It is all about information and making informed decisions based on the information.

 

[Sidney Vianna]

So basically you're telling me the only thing I need in place are a couple of procedures and documents and that's it. Then I have to pretend that I'm doing something to improve and depending on the mood of the auditor, he will require that I do a lot or he may feel that a couple of small steps are already enough and given that nothings defined I can't even argue with the auditor, except get someone else with his/her own moody opinion. ?

Dear (another anonymous Cover) Arise. Let me tell you a secret. You are correct. ISO 9001 certification is the biggest pyramid scheme in Mankind's history. Around a million organizations all over the World have been duped into this scam. Some of them have been in this game for almost 2 decades. People are just too dumb to realize that. We keep perpetuating this nonsensical approach to quality because it is a good way of transferring money to ISO, consultants, training providers, book writers and certification bodies. But you gotta give it some credit. This is an incredible sham. We just fear people like you, who see it for what it is and question the efficacy of this whole thing.
Oh, and by the way, being so perceptive, you should sense some in my writing.

 

[Paul Simpson]

Much as I enjoyed Sidney's reply there is a genuine point here that requires an answer - Arise (Sir ?) has asked a question that many others have asked in recent weeks, months, years. If 9k08 doesn't have anything to do with product quality (it is after all a standard for a management system) then how can it have any teeth (and hence meaning for a customer)?

As has been mentioned elsewhere there is enough meat in customer and statutory & regulatory requirements that should keep the auditor on track and the organizations 'honest.'

So if we say that 9k08 certification is not delivering then (by definition) the assessment process is not effective.

 

[Sorin]

So if we say that 9k08 certification is not delivering then (by definition) the assessment process is not effective.

It's not the standard that it's not delivering or leading to the "general" ideea that the standard is innefective.

The problem is generated by ppl that think a simple banner outside the company and/or a certificate on the wall will solve their problems. Or the ones that hire a quality guy and that person is the only one in the whole shop carrying the system. Or the ones that just saw QA as the (useless) paper guys.
And I could go on like that for a few more pages.

ISO 9001:2008 is just a quality management system. That's all. It's not a miracle solution for poorly managed companies.. What YOU will do with this system it's up to you.

/rant end

Mea culpa....

 

[Sidney Vianna]

So if we say that 9k08 certification is not delivering then (by definition) the assessment process is not effective.

Paul, you know very well that there is no verifiable data to prove it one way, or the other.

How many hundreds of times have we debated this, at The Cove?

If I were to make an assertion that certificated auditors are no better than non-certificated auditors, in the absence of scientifically gathered, independent, verifiable data, would be just an opinion.

 

[Paul Simpson]

Agreed to both responses. But ...

Paul, you know very well that there is no verifiable data to prove it one way, or the other.

How many hundreds of times we have debated this, at The Cove?

I accept the point about valid data Sidney but hey, in much the same way we have debated exclusions, clause requirements, etc., etc. over time so it is with certification.

Just because it's difficult doesn't mean we give up. Sidney you, of all people, would have to agree with that. My post was to try to start the debate.

IMHO the two areas of

• customer requirements (stated and unstated) should give a half decent auditor enough scope to do a decent audit of a management system - if s / he knows what s / he is looking for
• legal requirements cover a huge amount (particularly here in Europe where we have directives for everything bar the colour of the packaging (provided of course it complies with the requirements of the packaging directives ....)
  European Parliament and Council Directive 94/62/EC of 20 December 1994 on packaging and packaging waste
  

It's not the standard that it's not delivering or leading to the "general" ideea that the standard is innefective.

OK let's take this point first do we all agree that the standard isn't at fault? IMHO the jury is out on this point. FWIW I think it's OK. It's not great but it can work if it is used in the right way - with good understanding by both implementers and assessors.

The problem is generated by ppl that think a simple banner outside the company and/or a certificate on the wall will solve their problems. Or the ones that hire a quality guy and that person is the only one in the whole shop carrying the system. Or the ones that just saw QA as the (useless) paper guys.

I tend to agree (but would like others views). If you look at 9k08 as just a badge on the wall then it can't work for you. In its own simple way it requires a lot of an organization in terms of understanding requirements and doing everything possible to ensure they are met - not 'just enough to satisfy a lazy auditor' .

And I could go on like that for a few more pages.

ISO 9001:2008 is just a quality management system. That's all. It's not a miracle solution for poorly managed companies.. What YOU will do with this system it's up to you.

/rant end

Mea culpa....

I agree with the last bit (your results reflect the effort you put in) but not the 'just a quality management system'. The principles in 9k08 are simple - doesn't mean they are easy to meet. I hope I have been consistent over the years. Each simple requirement in the standard requires a whole load of work alongside the people in the organization doing the real (customer facing) work to understand all the key steps the organization puts in place to protect its current and future business by understanding and anticipating customer requirements and making damn sure the products and services you provide hit those buttons time after time.

And yes, we're not all perfect so we have to learn lessons when we get it wrong!

 

[Sorin]

I agree with the last bit (your results reflect the effort you put in) but not the 'just a quality management system'. The principles in 9k08 are simple - doesn't mean they are easy to meet. I hope I have been consistent over the years. Each simple requirement in the standard requires a whole load of work alongside the people in the organization doing the real (customer facing) work to understand all the key steps the organization puts in place to protect its current and future business by understanding and anticipating customer requirements and making damn sure the products and services you provide hit those buttons time after time.

I agree and disagree at the same time. If the most simple requirement of a quality management system standard will require an insane workload from the company, in that case the company is not ready, culture speaking, to take that road.
Any implementation, be it quality standard, manufacturing approach, call it as you like, will require a minimum workload if a necessary condition is met: Top key management complete involvement. If that is not there, if company's culture is not quality and team oriented, in that case that company will have only:
-a banner outside
-a certificate inside
-insane amounts of paper
-rush hours every 2 weeks before audits
-etc.....