The Case Against “Improvement” in ISO 9001

by Christopher Paris
VP Operations, Oxebridge Quality Resources International

ISO requires that its management system standards undergo a review every 5 years, for the purposes of improving them.  The unwritten, but accepted, practice is that every other such revision will be a major one, with the rest being minor. Thus ISO 9001:1994 was minor, ISO 9001:2000 was major, 2008 was minor… and 2015 is expected to be pretty dramatic, with rumors of the inclusion of “systems thinking”, “risk management” and maybe even a little “complexity theory” thrown in. (I doubt that last one.)

As we saw in ISO 9001:2000, the notion of “improvement” was also hardcoded into the standard itself, the result of adopting the concept as one of the “8 Management Principles” which defined the basic outline for ISO TC 176 members to use when developing ISO 9001. According to one Canadian TC 176 member I spoke to recently, those management principles themselves are up for revision, which will cause the entire ISO 9001 standard to under major philosophical change.

So, to recap: ISO itself requires permanent revision of ISO 9001 for the purposes of improvement, and then requires users of ISO 9001 themselves to improve.

At the risk of sending a jolt through the seat of every quality professional reading this, and not a few TAG 176’ers, allow me to gently, professionally and courteously say this:

I call bullshit on “improvement.”

IMPROVING THE STANDARD

In order to buy into the concept that a “standard” must be improved periodically, one must then admit that ISO 9001 is not a standard at all. Every dictionary and professional definition of the word standard requires some element of fixation – that is, that it is the comparison of a thing against a fixed, known, established or otherwise agreed upon point in physical or philosophical space.

Standards are used to compare other things against, in order to determine their compliance. How can you compare a thing against a moving target? Short answer: you can’t. As a result, selling ISO 9001 certification as “universally accepted” is one of the biggest scams running. That’s not to discount the benefits of ISO 9001, of which there are many. But this obsession with the “i-word” is risking shoving the standard into further alienation among potential users, and further into irrelevance.

Let’s be frank. US adoption of ISO 9001 is dying.  About ten years ago 0.7% of companies in the US had adopted ISO 9001. The number is more like 0.6% now… worsening, not improving.  More Americans consumers know what “Rainforest Alliance Certified coffee” is than they do “ISO 9001.” ISO has lost the brand war, and is left publishing a product that 99.4% of US companies either never heard of, or have rejected outright.

To put that another way: more people have heard of the failed Yugo automobile than ISO 9001. Why? Because Yugo’s flameout was public spectacle. ISO continues to pretend that ISO 9001 is relevant, and so there’s no flameout. Just a dead fire, spitting a few embers.

I put part of the blame on this obsession with “improvement” and how it leads to an unnecessary and ineffective complication of the standard itself.

In the world of TC 176, improvement is not done to bring the ISO 9001 standard up to date with latest technologies — say, improving the clause on document control to allow for electronic forms, which typically cannot be released with revision indicators or change histories. Instead, TC 176 thinks that it must scour the quality profession for the latest tools and techniques, and then embed them into the standard. In 2000, that was the “process approach.” In 2015, it’s going to be risk and systems, among other things.

12 years after the inclusion of the “process approach” no one still can agree on what it means, how to audit it, and how companies should implement it. The problem is so bad, the aerospace industry issued a FIFTH revision on its auditing standard AS9101, giving yet more guidance (and paperwork!) on how to “audit processes.” Twelve years later, and the rocket scientists can’t figure it out!

Can you imagine the effect of asking ISO 9001’s audience to suddenly comprehend “systems thinking“?

Improving for the sake of improvement goes by another name: wasting time. It also continues to move the goalposts, constantly changing the definition of “quality” and, thus, what ISO 9001 certification means. If a company was certified under ISO 9001:1994, but then de-certified under ISO 9001:2000, does this mean that they company was no longer producing a quality product? Or was it due to the fact that their quality was fine, their customer satisfaction was high, but they just failed to implement “the process approach” in a manner acceptable to their auditor?

If that same company gets re-certified under ISO 9001:2015, will that mean they got the process approach under control, but now are producing bad products?

You can see the mess it makes. The true users of ISO 9001 are the companies BUYING from ISO 9001 certified organizations; If I’m a customer, how do I interpret ISO 9001 certification if the meaning changes every 5 years or so?  And so it becomes meaningless, and we’re back to relying on 2nd party audits.

And, as I mention, complicating things by adding whatever latest buzzword infects the business section at Barnes and Noble is counterproductive to the growth of ISO 9001. Companies could wrap their head around the old MIL-Q-9858 derived version of ISO 9001 from 1987. It’s not an accident that we saw a drop-off after the 2000 version, which dumped MIL-Q-9858 for the new age “universal” approach of process management, was released.

We need to be sure any changes made to ISO 9001 are done to make if more accessible to organizations, not less. We need to de-complicate it. that doesn’t mean stripping away key components to make it palatable to the dumbest QC Manager out there. Rather, it means ridding ourselves of prescriptive methods — such as the “process approach” — and allowing companies to decided how best to manage their companies, within a limited set of constraints presented as actual requirements.

In a recent interview with Wired, SpaceX founder Elon Musk said:

I don’t believe in process. In fact, when I interview a potential employee and he or she says that its “all about the process,” I see that as a bad sign. Process becomes a substitute for thinking. You’re encouraged to behave like a little gear in a complex machine. Frankly, it allows you to keep people who aren’t that smart, who aren’t that creative.

This is the successful billionaire talking. Maybe we should listen to him, rather than Jack West?

Whenever there are alternative ways to manage a company successfully than a given ISO 9001 clause, then the clause needs to be removed. It means the TC 176’ers inserted their opinion on method, which is supposed to be prohibited from management system standards. Unfortunately, most cannot discern the difference.

IMPROVING USERS

Asking ISO 9001 users to “improve” is also a source of endless problems. In the ISO 13485 standard, they recognized this and stripped out any use of the word “improve” and swapped it out for “comply with requirements.” If you build a pacemaker, and get it FDA approved, you’d damn well better not start tinkering with it for the same of improving manufacturability or on-time delivery.

But that’s exactly what ISO 9001 asks us to do: improve any way you can. Which sounds laudable, but it is another impossible-to-verify requirement. What constitutes “improvement” anyway? How can an auditor determine compliance to it? Better yet, how can they legally write a nonconformity against a company for failing to improve?

Look at some of the Baldridge winners, or Six Sigma advocates: some of these companies have gone bankrupt, others needed federal bailout money. Even Toyota’s lauded quality system is under attack as the company faces a decade of safety problems and recalls, tarnishing its previously untouchable image.

NASA blew up the Colombia shuttle while certified to AS9100, which included the ISO 9001 requirements for improvement. Their “corrective action” was to launch the shuttle, have it roll over for a visual inspection of tiles at the ISS, presumably so if any tiles were found missing the astronauts had time to alert their wives that they would be burning to death upon re-entry. Is that “improvement?”

But on paper, I am sure these companies would be able to satisfy any auditor, while lesser organizations get beat up for not improving on some other obscure auditor-invented requirement, disguised as (wait for it) … “opportunities for improvement.”

TINKER, TAILOR, SOLDIER, UNEMPLOYED ISO SECRETARIAT

Let me be clear. I’m not arguing that companies shouldn’t improve. I’m simply saying there’s no room for it in the ISO 9001 standard itself. The goal of the standard was (at one time) to ensure a company had a consistent method in place for producing products or services that met customer requirements. Now we want them to cure puppy cancer on the side.

Improvement must remain under the direction of ISO support documents and standards, such as ISO 9004, and not in any that require a third party auditor to interpret its meaning in order to issue a compliance certificate. And so we find that the obsession with improvement is not only hampering the world’s acceptance of ISO 9001, it actually does nothing to help the companies adopting it.

What to do, then? ISO must change its course, and issue new marching orders to its TC’s including 176: take improvement out of your certification standards, and simplify them.

Once we get them to a place that people actually start using them, leave them alone and stop tinkering.