|
Juhani
Anttila
ISO 9000 STANDARDS SERIES, A CONTINUOUS
SUBJECT TO WIDE INTERNATIONAL INTEREST AND APPLICATION Introduction ISO 9000 standards are based on a long term international cooperation, large consensus, and achieved a wide recognition among organizations all over the world. There is a continuous work going on in the international standardization committee ISO TC 176 (Quality management and quality assurance) to revise ISO 9000 standards family and its parts on a regular basis according to the international standardization rules. In addition to the current standard versions there are always available also drafts for the future editions that may be taken into consideration when organizations are developing quality approaches for their future challenges. ISO 9000 standards are applicable for all kinds of organizations. ISO 9000 standards are really a world-wide phenomenon of business management. That is why there is also a broad continuous discussion how to get maximized benefits of the standards. In this sense standards set particular challenges on the comprehensive understanding within the appliers. ISO 9000 standards aim to present the international recognized foundation for fulfilling general needs and expectations of quality management (QM) and quality assurance (QA). They emphasize a continual and systematic improvement of the management systems for ensuring organizations' sustainable business success. However, one cannot be content or pleased with the standardization process and the current practice of applying the standards. There is much criticism and even cynicism against the applications and their results. This is mainly due to intentional or accidental misunderstanding of the objectives, nature, structure, and substance of the standards. Truly ISO 9000 standards were aimed to be - and really can be - useful, practical, and recognized reference material for the innovative development of any organization's business performance towards the level of excellence. ISO 9000 standards also promote world-widely referred TQM (Total Quality Management) movement within all kinds of organizations. When using standards effectively and efficiently, the major responsibility is squarely on the business leaders and quality experts have the role of facilitation. Standards realizations should be done through selecting and implementing modern, innovative and superior managerial means to strive for organizations' own business goals. Organizations should use with ISO 9000 standards also all other appropriate and useful sources of relevant information, especially sector specific standards, business excellence models (quality awards criteria), and benchmarking references. In this way the real purpose of the standards will take place. The basic standards of the ISO 9000 family are ISO 9004 and ISO 9001 that form a consistent pair of concepts for quality management (QM) and quality assurance (QA). ISO 9001 cannot operate effectively or efficiently without taking into account the foundation of ISO 9004 and understanding clearly the key concepts and principles of the standards. There are additionally a lot of other related and supplementing standards in the ISO 9000 series. Standard ISO 9000 defines the main concepts that are used in the whole ISO 9000 standards family. Long term and broad-based development of the standards ISO 9000 standards have been internationally compiled and continually revised and developed during the recent decades and commonly used as a general standard model for integration of quality into business systems in more than one hundred countries and in multitude different fields of business. The standards have been translated into a lot of languages. ISO 9000 standards are bestsellers of standardization bodies. People are even talking about ISO 9000 phenomenon. One may recognize the following mile stones and phases in the
development of the ISO 9000 standards: The next fourth generation
of the basic ISO 9000 standard will include: The new ISO 9001 will be published in 2008 and ISO 9004 in 2009. Draft documents are available before the publications. Future development
of the ISO 9000 standards is projected by the Horizon 2010 strategic decisions
that include the following vision, goals, and strategic intents and strategies:
The ISO 9000 standardization, and particularly ISO
9001 and ISO 9004 standards, have had an enormous impact on the development of
quality practices globally in all kinds of organizations. However, this has not
taken place without problems and drawbacks:
Unsatisfactory ISO 9000
standardization development has negative effects: Quality management principles, the profound basis of the standards As such, the ISO 9000 standards don't bring about much new special measures in well-functioning organizations that already utilize an effective and efficient management and leadership approach in an innovative manner. However, the standards ought to be viewed for inspiring to organization-specifically superior realization solutions. Regarding the standards as obligatory requirements (and especially as so-called minimum requirements) ought to be eliminated as that is not according to ISO 9000's aim and cannot lead to the challenging objectives embodied in the ISO 9000 standards. When utilizing
ISO 9000 standards, one should take into account the eight quality management
principles (QMP) which have been drawn up as a basis for the entire ISO 9000 standards
series. With the help of these one can breathe the "spirit of business life"
into ISO 9000 realization. These principles are: The quality management principles of the ISO 9000 standards also point out clearly how the standards aim at implementing TQM (Total Quality Management) that is considered in a lot of literature and that is also utilized in well-known performance excellence models (quality award criteria). Thus the standards and the performance excellence models are both promoting the same issues, quality of management, and excellent business performance and sustainable success realized in a systematic way in an organization's management system. Current QMP's of the ISO 9000 standards have been as such already about 20 years and therefore they don't reflect any more all the conditions and features of the modern business environments. It is recommended that the standards appliers are considering also the corresponding principles and concepts of the recognized performance excellence models and creating their own good management principles that are relevant for their business situations. Quality management and quality assurance The
ISO 9000 standards texts delineate clearly two principal and consistent areas
of organizational management (figure 2):
These two areas have differing purposes. However, QA can in practice never succeed unless QM is in proper order. External certification in connection with ISO 9000 standards is a by-plot of quality assurance and in many cases one for which there is not even any real need. The most organizations using the ISO 9000 standards, however, have no intention of ever being certified. These companies want to utilize the standards (especially ISO 9004) internally in order to improve their business performance. Certifications have simply been granted with too great (and even an erroneous and deleterious) a role in the media. Many users
of the standards do not clearly grasp the fundamental difference between ISO 9004
and ISO 9001. The general outlook of the ISO 9004 and ISO 9001 standards is very
similar. However, if, for example, the ISO 9001 standards only were to be used
for developing a quality management system, the basic purpose of ISO 9000 will
not be realized and the results will remain ineffective and inefficient. Organizations
need both QM internally and QA externally for operations with stakeholders (figure
3). QM (as considered in ISO 9004) and QA (as considered in ISO 9001) should in no case be distinct issues separated from one another as they should form a consistent pair of managerial areas. In practice this can be achieved most effectively only if both are grounded directly in the actual activities of the organization's management system and business processes. This is the approach of quality integration. In effect, QA is that part of QM. All organizations have always a certain level of QM and QA realizations and there are always possibilities to improve the situation. Iso 9000 standards are widely used and widely misunderstood and misused Generally there are great
expectations concerning quality all around the world and one can refer to a multitude
of success stories pertaining to systematically implemented quality development
projects. However, at the same time recognized experts have indicated that even
the majority of development initiatives which are undertaken under the name of
quality have failed. ISO 9000 standards have been for many years one of the most
significant references for quality development in all kinds of organizations.
When subjecting results gained from these applications to critical examination,
one can say that the results are, to say the least, contradictory. While others
commend the standards, others are deeply disappointed and even frustrated with
them. The standards applications have not necessarily had significant effects
to the overall business performance. The most critical allegations concern organizations'
quality system certifications made by external third parties. There are two fundamental
quality problems embedded in these certifications: There is not necessarily any justified relation between the number of certified companies and the general competitiveness in terms of economic performance, and no significant difference between certified and non-certified suppliers with respect to reliability of deliveries, the quality of products, and the number of complaints. Furthermore, certification does not seem to guarantee high quality of goods or services. In cases with positive effects of ISO 9000 applications there are normally no experiences about the other possible alternative - and even better - means. In fact, in very early and undeveloped phases of an organization's quality approach, all systematic means are normally seen useful. Mostly the problems are originated in the insufficient understanding of the purpose, nature, or fundamental principles of the standards. One can find a lot of practical cases from organizations applying ISO 9000 standards where the standards are not understood in the comprehensive way they have been defined in the standards themselves. There are also many misleading consultants. Problems
in use of the standards have also reflected to the standardization work within
the responsible committee ISO TC176. Negative effects include e.g.: Very
often ISO 9000 standards are being wrongly understood as obligatory requirements,
and also standardization organizations are seen as some kind of official authorities
to define those requirements. Also very misleading is often heard statement that
ISO 9001 defines minimum requirements for quality management. There are no arguments
for that in the standard texts. These may be reasons why companies' implementations
so often reflect passive and reactive ways to realize standard issues. But that
is not the purpose of ISO 9000 standards. One should use proactive and innovative
means to realize standards clauses (figure 4). The standards set no restrictions
for that. The concept quality management system, which is absolutely central to the issue, has largely been misused. Still many organizations are using the obsolete concept "quality system" although it does not exist any more in the ISO 9000 standards. ISO 9000 quality management system is not defined by ISO 9001 only. One must necessarily take into account also ISO 9004 topics. In fact, ISO 9001 is a part of ISO 9004. According to ISO 9000, a quality management system refers specifically to the management system, i.e. the system used for business management and leadership, comprised of organizational structures, approaches, processes, and resources, and which meets primarily business needs of the organization. "Quality" is an attribute of the management system implying, that appropriate professional management and leadership principles and means are applied within the organization's management and leadership system in order to ensure and increase its effectiveness and efficiency. The standards present a standardized approach for these principles and means. Quality management system is very different from quality system. Actually, the real quality management system is always integrated into the business management system. Thus, it is appropriate to speak about quality "systematicity" that is realized through business management and business processes. The quality management system is in fact a concept of systematic approach for quality of management. It is more a thinking model or mental system than any physical system. A distinct quality system can even be damaging. In real
business environments the genuine quality management system can never be a distinct
system. A real quality management system is always seamlessly integrated or embedded
into the leadership system of a business (figure 5). The quality management system
is realized especially through business processes and professional quality methodology.
Distinct management systems, including quality management, upheld by different
organizational (support) functions and different specialized experts, will sooner
or later generally entail negative effects to the business. Factually each organization
can have only one holistic business management system, and when that system creates
business success it can be called "quality management system". In practice, both quality management and business performance are fuzzy concepts. This implies that an overly simplified ON/OFF way of thinking - implying that there is or isn't a quality management system - is not a fruitful approach. The maturity degree of QM can be evaluated with quality awards criteria. Also ISO 9004 suggests a simple rating method for a self-assessment of a company's quality management approach and its maturity. Organization-wide self-assessment is a strategic management issue. Internal auditing (according to the ISO 19011 standard that is one part of ISO 9000 standards family) is more operational by its nature. It is most useful to carry out audits per business processes that are the operational elements of the business system. Internal auditing is very different compared with external, e.g. third party, auditing. It should cover both QM and QA issues and emphasize organization's comprehensive business needs. In external auditing one is interested only in QA (as covered by ISO 9001) issues and customers' viewpoints. Standardized QM / QA elements Only certain major topic areas, or QMS "elements", of an organization's management and leadership to be used for QM and QA realization are explicitly considered in the standard texts. This does not, however, mean that in the ISO 9000 standards QM and QA would refer solely to these issues in an organization. They must naturally supplement these standards topics in accordance with organizations' own needs and circumstances and realize them in a superior manner on the basis of their own innovative decisions. Sector specific applications of the ISO 9000 standards, including automotive, telecom, aviation, etc. industries, may provide useful information and details for the company-specific tailoring. The real quality management system consists of all these issues being in use in an organization. In the ISO 9000 standards, very little emphasis has been given to the means on how to implement these QM / QA elements. In the ISO 9004 standards only some commonly known, standard means on which the experts of the standardizing committee have been unanimous upon are presented at quite a general level. On the other hand, the presentation of means in the ISO 9001 standards was not allowed at all, in order to prevent anyone from interpreting them as obligatory requirements. How things are implemented in practice in an oragnization depends precisely on what its performance is like with respect to QM and QA. Thus it seems questionable whether e.g. the expressions "in compliance with ISO 9001" or "fulfils ISO 9001 requirements" have any real meaning with respect to an organization's performance. All ISO 9000 QM / QA elements discussed in the standards are factually parts of organizations' business system and are realized in business processes. The process-like performance model constitutes in fact the business-like basis of the ISO 9000 standards. This means that realization of the standards ought to take the business processes of a company, and not the standards clauses, as its starting point. When utilizing ISO 9000 standards, one should also take into account with each QM / QA element the eight quality management principles. Internal performance assessments, essential parts of QM Performance management includes that business performance
is assessed internally by organization's own resources for performance improvement
and also for QA. Both strategic and operational assessments are needed. Aiming
at business excellence requires that also relevant references of competitors and
best practices and benchmarks in other organizations are taken into account in
the assessments. Auditing is based on the ISO 19011 standard
definition and principles. Internal auditing is a comprehensive task that should
be both reactive and proactive by nature. Its purpose is not only to search for
nonconformities (non-fulfilment of specified requirements) or defects (non-fulfilment
of intended usage requirements or reasonable expectations under the existing circumstances)
but there is a broader business related scope in auditing. Also performance strengths
of the processes must be noted in internal audits. Also quality assurance (QA) should be realized in a way that is most efficient and suitable in the light of the business requirements and taking into account the competitive aspects of the market-place. That is the real opportunity in using ISO 9001 standard. However, ISO 9001 standard-text considers only effectiveness of the QA but not at all efficiency aspects. In real business cases, however, the company itself must take also efficiency seriously into consideration. That means particularly the "How" -issues in ISO 9001 realization. QA refers to measures with which both customers as well as other stakeholders become convinced that the requirements pertaining to products quality are being met. An overemphasis on QA should be avoided so that they don't turn to be superficial and not fulfilling its real purpose and needs. In QA between two parties the most natural and sound approach is to utilize quality assurance agreements and related quality assurance plans, for which ISO 9001 serves as a general model. Historically QA was grounded in the requirements of major customers (e.g. defense, nuclear energy, automotive, etc industries). The new and modern approach is, however, for a company (a supplier) to view QA as a service to its customers and to seek to provide this service in a superior manner, and at least to be better than the competitors. The key strategy for this is the "Win / Win" partnership between the organization and its interested parties. Certification or registration refers to indicating with a certificate that a product is or will be in accordance with a specific requirement (standard or specification). A certificate relates primarily to a product case and through that also to those activities of business processes determined to assure the specific product features. Certifications concerning product quality assurance typically adhere to the standard quality assurance model, ISO 9001. The general kind of certification does not describe the quality of a product or the business performance of a company, but it is used for the purposes of quality assurance, that is, to create or reinforce confidence in the fact that the products which are being produced meet the requirements. Certification is closely linked with market and customer communication. A third party certification of a quality management system apart from the product and the customer is questionable from the business benefits' point of view. When considering quality assurance
the needs and expectations of the interested parties should be taken into account.
In many businesses the following is typical: Conclusion for this kind of business situation is that there are no justification and no needs for a general third party certification of quality management systems in this business case. That even could hinder an innovative development of customer-focused QA approaches. External certification in connection with ISO 9000 standards - if it is really needed - is only one of the means for quality assurance and it can be a by-plot of a company's strategic quality approach. Only roughly one quarter of the companies using ISO 9000 standards are certified and many of them may have no intention of ever being certified. These companies want to utilize the standards internally in order to improve their business performance and to use them as general agenda for QA in contractual situations. Certifications have simply been granted with too big (and even an erroneous and deleterious) role in the media. Today there is a big credibility crisis in certification business and in some areas the number of certificates has started to decrease. In fact, there are also different options for certification. A certification can be performed by the first party (the company itself, i.e. self-certification or self-declaration), the second party (customers), or the third party (a service company specialized in certifying services). The most genuine and natural way to proceed is self-certification, which has gained interest due to the flaws associated with third party certifying. However, self-certification always requires a strong personal and professional commitment and visibility to quality management from the top business leadership of a company. This is why certifying performed by an external third party may be a sign of weak, ineffective, and old-fashioned quality management and outsourcing this important management responsibility. When realized seriously the self-certification may provide for remarkable strengths compared with the third-party certification. Certifications provided by customers are especially recommended and an organization should strive towards gaining certifications from their key referring customers. With regard to third-party certifications - should this become necessary in the light of marketing efforts - it is worthwhile to examine them by restricting them only to questions pertaining to safety, health, environmental protection, and product liability. Serious criticism has been directed at certifications made by third parties due to the fact that these often entail an emphasis on the business objectives of the company (certification body) doing the certifying. This entails the commercialization of certification. Advanced companies may proactively get advantages from all different kinds of certifications simultaneously according to the needs of the various business cases. One
cannot distinguish from the competitors only by leaning on general third party
certifications. On the other hand, product features (including both goods and
services) which take into account customers' needs and expectations do offer an
opportunity to provide also superior QA services to the customer. Thus quality
assurance can be seen as a value-adding part (i.e. a service-element) in company's
products-offerings (figure 6). The new e-business technology creates completely
new cutting-edge solutions (e.g. "e-certificate") for quality assurance.
E-certificate consists of Internet site(s) or portal solution providing for assurance
that an item conforms to a standard or specification indicated by the certificate.
It gives also an opportunity to personalize and create partnership-dedicated efficient
solution with extranet technology. Organization's QM model for a comprehensive ISO 9000 integration Every organization has always existing its own way to realize QM and QA. The integration of QM related measures can be made more effective if the business management infrastructure is clearly and innovatively defined and the organization has adopted its own QM framework within the management infrastructure. This is also a natural basis for excellent ISO 9000 applications. Both
vertical (strategic) and horizontal (operational) integration of quality management
issues with business management is needed. This takes place in a natural way at
four levels of the leadership: Within these levels, the management tasks include business planning, control, improvement, and assurance that should all be realized in a harmonized and systematic way and in accordance with the organization's business objectives and leadership practices. Integration of quality management will not take place unless QM elements have been included within these normal leadership tasks. Also with QA - i.e. application of ISO 9001 - factual information from all these infrastructure levels and management activities can be used to create solutions for the interests of the customers and other interested parties. Other
specialized leadership and management areas, which are analogous to quality management,
should be implemented with a uniform systematic approach (figure 7). In this way
the general principles of the ISO 9000 standards would be applicable as a general
guidance also in the areas of e.g. social responsibility, environmental management,
occupational health and safety (OH & S), information security, risks management,
and financial management. There is no justification for creating separate systems
only for these areas, as they should all be integral parts of company business
activities. Distinct systems are in fact harmful to the overall business performance. Conclusion In order
to realize all ISO 9000 standards' opportunities one should use the whole ISO
9000 standards family in a consistent and innovative manner. Commonly defined
guiding ideas of QM, especially the eight ISO 9000 quality management principles,
and tools should be employed in a natural and modern fashion integrated with company-specific
emphases. This implies e.g. the following for an organization's quality approach: Basically, effective implementing the ISO 9000 standards (consisting of both QM and QA) amounts to the same thing as innovatively company-dedicated business integrated TQM. Thus standards application should be seen as a strategic issue of the organization. ISO 9000 standards do not call for any extra measures or investments, but the standards can function as reference materials for measures pertaining to, for example, weaknesses and strengths discovered through a self-assessment performed by using performance excellence models (quality award criteria). Organization should not start any development actions only due to the ISO 9000 standards, but to do that on the basis of actual business requirements and their own quality enlightenment. This could also demonstrate the profound basis for unlimited opportunities for ISO 9000 applications to create competitive solutions for confidence within organizations' customers and other stakeholders. References (1) ISO
(2007). ISO TC/176/SC2 Home Page Annex [This material has been presented in different forms in different international seminars or conferences, e.g. in Vaasa, Finland 1999, Mumbai, India 2000, Budapest, Hungary 2000, New Delhi, India 2001, Antalya, Turkey 2002, Cape Canaveral, USA 2002, Ostrava, Czech Republic 2002, Kashira, Russia 2003, and Fribourg, Switzerland 2004] |
| |
|
|
|
