Meet Certification Europe (CE), a UKAS-accredited certification body out of Ireland that apparently relies on spam for its marketing, since I keep getting emails from them and definitely, most assuredly, never signed up for anything from them. It’s 2024, literally three decades since America Online was released, and companies are still using unsolicited emails for marketing. Shudder.

So, they can be forgiven for that (I don’t forgive them, though), but the content of their marketing isn’t doing them any favors either.

What’s Wrong With This Picture?

I’m going to show you a picture, and I want you to identify what is wrong with it. If you’re an annoying, pedantic, truculent Quality Management consultant, you’re going to see it immediately. The rest of you — if you don’t see it — are probably healthy, so don’t panic.

Do you see it?

CE made a major blunder that is likely to get their invitations to the next black tie Quality Management soiree revoked in a heartbeat. The next time they walk past anyone from TC 176, they will find themselves greeted with sneers, if not pelted with rotten onions. Why, they are just unwashed commoners, barely a step above the homeless bums living under the bridge!

Their crime? They said ISO 9001 discusses “continuous improvement.” As in, not continual improvement.

This is a faux pas of such great import, one can only gasp and mutter, MY GOD, IT’S FULL OF STARS!

You see, ISO 9001 has a clause on continual improvement, but is silent on continuous improvement. This is, we are told, because the two things are supposed to be entirely different.

Here’s Strahinja

“Continuous improvement” and “Continual improvement” are often used interchangeably and shouldn’t be used in that manner. Continuous indicates duration without interruption. Continual indicates d uration that continues over a long period of time, but with intervals of interruption.

Here’s the (cringingly-named) website Quality Gurus:

Continual improvement refers to a process that is repeated and has pauses in between repetitions. This approach is phased, with improvements being made, then a break to measure and analyze the success, and further improvements can be made.

On the other hand, continuous improvement is an uninterrupted flow of improvement. It is a sustained process of development, where the focus is on constantly looking to make improvements.

And not to be left out, here’s ASQ chiming in on the matter:

The difference between continuous improvement and continual improvement might seem insignificant, but the definitions of both continuous and continual point to subtle variations. Continual might mean something that can happen with recurrence, whereas continuous suggests constantly ongoing activity.

Meanwhile, the thesaurus has this to say about the two terms:

That’s right, they are literally synonyms. The clowns insisting, smugly, otherwise are incorrect. I’ve argued about this previously in my article Just Stop: Six Tropes that Quality Professionals Need to Stop Spreading.

So, in this case CE is technically correct, even if they quoted the ISO 9001 standard wrong. It’s only because of pedantic dummies who insist there’s a difference between the terms that CE has egg on its face. Given that CE is serving the market run by these pedantic dummies, they should know better.

The CE article (here) was written by Holly Fitzpatrick, who is not a quality management expert, but a creative design marketing professional. My curiosity piqued, I ran the article through a Grammerly plagiarism checker, and it came up as 13%, but most of the copied content was from text around the PDCA model which appears in lots of places. Nobody is providing any attribution to anyone on that content, so CE is just following the (bad) practices of everyone else.

The lack of attribution and generic presentation of the material, however, have my AI sniffer going off. My gut tells me the piece wasn’t written by Fitzpatrick at all, but a bot that scoured material on Kaizen from a bunch of other places, and repackaged it.

Still, it’s going to anger the leather-elbow and brandy-snifter crowd at the next ASQ and CQI meetings.

ISO 27001 Ensures Security – Because Of Course It Does

The same spam mail had a more interesting article, however, related to ISO 27001. CE published a case study about its certification client, 9 Story Media Group, and made some pretty wild claims about ISO 27001 in the process.

(This one was published without any author indicated, so we don’t know who wrote it. But it also smacks of something written by a “creative design” marketer, rather than an actual ISO expert.)

I won’t go over the whole thing, but this is the whopper that jumped out at me (emphasis added by me):

Ultimately, gaining ISO certification would effectively mitigate risks for a company with diverse operations, ensuring security, competitiveness and global recognition.

Yeah, umm… ISO 27001 certification doesn’t do any of that.

It won’t “effectively mitigate risks” nor will it “ensure security.” And you can bet your entire momma’s farm on the fact that if 9 Story Media Group gets hacked tomorrow, Certification Europe will be trotting out the old horses about how “ISO certification isn’t a guarantee,” and “ISO audits are just a snapshot in time, based on evidence presented during the day of the audit,” and “compliance doesn’t mean security.

Sure, none of those get-out-of-jail-free disclaimers (always presented after something bad happens) appear on the actual ISO 27001 certificate. And, sure, certification bodies like CE make the opposite claims in their marketing all the time. So CE is just carrying on a well-worn tradition of saying one thing in its marketing, and totally something else later when the shit hits the fan.

I’m no creative design marketing professional, but I do know a little about the law, and this is just begging for a civil suit for misleading advertising. I’m sure Ireland has laws against deceptive marketing (oh, look, they do), so you’d think CE would run this stuff past Legal before publishing. You’d be wrong.

I’ve had this conversation before, and those who use these arguments will then debate over the meaning of “ensure” or “mitigate” or “effectively.” These terms don’t mean what the dictionary says they mean and are more nuanced, they insist. I call bullshit, but I’m just an observer in this peanut gallery, so what I think doesn’t mean much.

Ultimately, folks at UKAS or IAF should be correcting the marketing by the CBs, but so long as the checks clear, they aren’t about to do anything. As usual.


Free ISO 9001 Template Kit