Ask yourself the following questions about your business:
If you answered yes to any of the above, then you should really look at putting a Quality Management System in place.
The purpose of a quality management system is to ensure every time a process is performed, the same information, methods, skills and controls are used and applied in a consistent manner. If there are process issues or opportunities, this is then fed into the quality management system to ensure continuous improvement.
The fact is that ISO 9001 ticks two major boxes when it comes to choosing a QMS - it’s simple yet effective.
It’s based on a plan-do-check-act methodology and provides a process-oriented approach to reviewing the structure, responsibilities, and procedures needed to achieve effective quality management in any organisation.
The standard requires that there is a quality management system in place with certain control mechanisms that guarantee quality of provision. These can be generally broken down into:
A big part of ISO 9001:2015 is about how to plan to continually improve your organisation, and one of the areas you’ll have to look at will be an assessment of the context of your organisation.
Among other things, a context assessment is really about ‘getting under the skin’ of looking at (bluntly) ‘why people buy’ - at least, buy from you. Buying a product or service can be seen as a problem-solving or desire-satisfying process, in which customers seek to match its attributes with their needs or wants. In this process, they look at the available products or services to see which is most likely to offer the benefits they seek.
There are five elements that customers take into account when considering quality. They can be thought of as five questions:
Specification: ‘What can I expect when I buy or use the product or service?’ The specification should enable potential customers to determine whether the product is likely to meet their needs.
Conformance: ‘Will it do what I expect?’ Any shortfall in conformance to the specification or customer requirement is bound to lead to dissatisfaction.
Reliability: ‘Will it continue to do what I expect?’ Clearly, customers will value a car that always starts first time.
Delivery: ‘When can I have it?’ It is important to distinguish between two aspects of delivery: availability and dependability. Availability is about when something will be ready for a customer. Dependability is concerned with the adherence to a delivery or attendance time once that is agreed.
Cost: ‘How much do I have to pay?’ A purchase is as an exchange, in which a customer obtains goods or services by offering something of value in return. Customers will be satisfied if the price they pay, whether in money or in some other form, equates to the value they place on the goods or service.
Next week we’ll explore how we look at these help people to judge what ‘quality’ means to them…
The Hubble Telescope, the iPhone 4, the Ford Pinto - what do all these have in common?
Well, these are all quite high-profile quality management failures. The space telescope Hubble featured the most precisely ground mirror in history which had been ground into the wrong shape, meaning its images were only slightly better than Earth based telescopes, and very distant and faint objects (the very reason for having an orbiting telescope) could not be seen at all.
With the iPhone 4 it quickly became clear that it was difficult to make a call - not the greatest feature for a phone. Independent tests revealed that touching the left side of the case at a certain spot interrupted the signal and dropped the call.
And while it would be easy to nominate the whole U.S. automobile industry in the 1970s for the prize of ‘worst quality’, the Ford Pinto is most well-known due to its design flaw making it a firetrap which Ford executives knew about but waited eight years to put right.
A Quality Management System (QMS) should be used to understand customer requirements, then manage internal processes (for example design, production, delivery, etc) so that they fulfill these requirements in an effective and efficient way, and continually makes improvements.
Now most of us are fortunate in that when important requirements are missed or processes run amuck, it doesn’t make International headlines. But not taking quality seriously will still mean that customers will still get upset and management and employees both might be unhappy.
This is why getting a QMS will always be a sound investment for any company. But what are the difficulties around implementing one?
Well, the first and probably most important question for you to answer is “what is your definition of quality and why does it matter to your customers?”
There is no shortage of advice on how to achieve quality. The only apparent problem is how to choose from among the innumerable models and methods on offer.
Also, quality is something that everyone must be in favour of, as no one ever argues that there should be less of it. So, by default, we must assume that there is both the will and the way for organisations to improve the quality of their work.
However, in reality many organisations seem to find managing quality difficult. If you have been involved in trying to implement quality initiatives you already know that it rarely works out that way. This can lead to cynicism about quality management and give it a bad name.
All claims for a universal panacea in management should be treated with extreme scepticism. If it were that easy, there would be no unsuccessful organisations.
Some of the main difficulties experienced by those implementing quality improvement programmes are:
The fact is that quality can be one of the most elusive elements of the business world. Company mission statements often refer to quality in one way or another e.g. ‘Delivering the right quality at the right price’.
Many authors provide definitions of quality from just about every standpoint in the business world. There is no doubt that quality is important in business, but what does quality mean and how can it be measured? In the trade or sale of goods, does quality mean new, perfect goods?
If it did there would be no room for the mass of retail outlets that sell factory seconds or rejects. There would be no market traders selling bags of broken biscuits. There would be no call for second-hand goods.
The trade in less-than-perfect goods or multiple owner (second-hand) goods is extremely lucrative and has made many a millionaire! Most of their customers would claim to be getting quality or they just wouldn’t buy. So are they getting quality or are they getting value for money?
In the provision of services the same rules apply as in the provision of goods. If not there would be no room for no-frills airlines or Air BnB.
So quality isn’t an independent stand-alone factor. Price and customer needs or demands have a serious impact on approaches to quality. When we consider trade across the whole of the UK, quality becomes more elusive, and when we consider the whole of the EU, and finally world trade, it can seem too complex to imagine.
It is this difficulty in defining quality that has taken the quality gurus away from the notion of a universal ‘gold’ standard of goods or services to a notion of customer demands. Customer demands are by no means uniform so there needs to be flexibility in any definition adopted.
Let’s be honest, there are plenty of times when organisations might want to get ISO 9001 certification to tender for a contract, or to get on a supply chain list.
Government, local authorities and larger organisations sometimes require certification before they will consider a tender from a supplier. Even if certification is not a mandatory requirement for a customer, it will give them an advantage over their competitors.
In far too many of these cases certification just becomes an end in itself, rather than a genuine desire to improve the way the organisation operates.
However, even in these cases, many companies are pleasantly surprised by the benefits that a Quality Management System does offer, even if that’s not the focus they originally started out with.
What are the true benefits of Quality Management System?
Quality management adopts the perspective that all parts of an organisation and all its employees can have an impact on quality. Although the errors of those in direct contact with its customers may be more instantly recognisable, the errors made by those who have only an indirect role also detract from quality.
For example, the poor design of a product may dissatisfy customers, or a clerical error may result in an angry customer if it leads to their being invoiced incorrectly. Quality management takes a truly systemic approach to organisations; it is based on the belief that quality will come about only if all employees and all activities of an organisation are involved:
To see quality through the eyes of customers and exceed their expectations, an organisation must first know what its customers want. Building a relationship with, and getting closer to, its customers is essential if it is to gain a thorough understanding of their expectations.
Quality management highlights the important role played by all those who deal directly with its customers, those providing services, sales and marketing staff, and so on. Such staff have an invaluable opportunity to obtain vital information about the perceptions that customers have about the organisation and its products and services, and can gauge any changes in customers’ expectations and any indications of their future requirements.
Everyone must commit to quality
But what about those who operate well away from their customers? Quality management addresses this with the concept of a chain - in this chain everyone in an organisation, no matter where they work in it, is considered a link, and the chain eventually leads to an external customer.
Put simply, if quality is maximised as a product or service moves along this chain, then ultimately the external customer will be satisfied. Changes in customers’ requirements can also be communicated backwards along the chain. These chains stretch back to suppliers who are themselves external to the organisation.
For this concept to work in practice, good communications throughout an organisation are essential. This leaves no place for the inter-departmental barriers and ‘turf wars’ that can characterise so much of organisational life and hamper effective communications within the organisation. Quality management simply cannot work within an atmosphere of ‘them and us’.
Quality should always be at the top of the management agenda and be an issue that requires leadership from the very top of an organisation. Senior managers’ lack of commitment is recognised as the most significant barrier to achieving the successful implementation of quality management. This is why senior managers need to develop a quality strategy for their organisation that will:
You must demonstrate your commitment to quality
Fine words are never likely to be enough, however. Managers need to demonstrate their commitment to quality management by their actions. As well as setting the framework for quality management by putting into place appropriate quality systems and procedures, supportive performance measurement systems and reward schemes, managers also need to demonstrate a personal commitment to quality management by, for example, fully participating in all quality improvement programmes.
There are three factors which are common to all approaches to Quality Management Systems:
The successful implementation of a Quality Management System requires a supportive organisational culture - a culture of quality. There is a strong sense of learning from mistakes and avoiding the apportionment of blame. In this culture, everyone takes responsibility for achieving quality improvements, but such an environment can only be built on mutual trust, with a management style that does not depend on blame or fear.
When future history books are written, the pandemic of 2020 may well go down as the time when the way we live and work changed fundamentally.
The workplace of the future could look markedly different from the ones we were using in 2019, from flexible working spaces to plasma ventilation systems, body temperature sensors, desk screens, and the many other things which may become commonplace.
Undoubtedly many things will change because they will have to, in order to remain relevant and useful to our current plight. And ISO standards will be no different.
There are current elements of ISO standards which have already become more prominent and important to the organisations that use them. Hopefully this will also spur others to see the value they can bring in a Covid and (hopefully, and soon) post-Covid world.
Our first example will be ISO 9001, which is the standard that deals with the management of quality systems, and its focus on disaster recovery and business continuity.
With this standard you have to look at your risks and document them, along with the controls you’ll use to minimise any adverse affects this would have. Typical risks have traditionally been identified as extreme weather events affecting property, transport and power supplies (which can also have an impact on global supply chains); cyber-attacks and disruption to IT systems; changes to regulations and the political landscape; an loss of customer confidence due to negative publicity.
The idea is that you’ll manage disruption and limit the effects of these events to ensure business gets back to normal as quickly as possible.
Now, we’ve seen many a Business Continuity Plan that has also listed ‘pandemic’ as a scenario, but one that has probably never been envisaged as coming to pass. However, this is without doubt going to change, and how a business weathers a ‘virus event’ will become a hot topic for discussion across management teams up and down the country for years to come.
Another big area of significance will be attached to ISO 45001 - the standard addressing health & safety - and how assessing the risk of Covid in the workplace will become a primary concern.
In the UK, this falls under general management of health and safety in the workplace regulations, and all employers have to take reasonable steps to protect workers and others from the virus. A Covid-19 risk assessment is seen as a key part of this.
Guidance from the Health and Safety Executive, itself using guidance from Public Health England, drew up a series of issues an employers need to take into account when undertaking this assessment, such as identifying what work activity or situations might cause transmission of the virus; who could be at risk; how likely it was that someone could be exposed; and how they would act to remove the activity or situation, or if this wasn’t possible, control the risk.
In addition, some groups of people could be at more risk of being infected and/or an adverse outcome if infected, and this also need to be considered in the risk assessment.
So having a properly set up health & safety management system with a defined way of carrying out risk assessment using all of the available guidance definitely made life easier for organisations that had the ISO 45001 standard, and will continue to do so.
And finally, a nod to the importance of the ISO 27001 information security standard - organisations that had an information security management system in place found it so much easier to handle setting up staff working from home.
Organisations with the standard already had a suite of policies for working from home, along with risk assessments already completed, controls in place to combat unauthorised remote access, logging access to networks traced in the event of an incident, along with processes in place to close down any incidents as quickly as possible.
So as we change our ways of working, many elements of the most popular ISO standards are there to make it as easy as possible.
And the reason? Because they are all ‘risk-based’ standards. This means that they help you to focus your resources toward things that present a higher risk to you and your customers and clients. And these days, that means a lot.
Millions of people around the world have lost their jobs amid the current Covid-19 crisis - it is a crisis within a crisis. The long-term economic impact is yet unknown but will surely be deep.
What is not in doubt is that the economic strain on companies of all sizes across the UK and the rest of the world will be here for the foreseeable future. Manufacturers have closed plants, stores are shut, and consumer demand has collapsed in many sectors.
Research by the Institute for Social and Economic Research at the University of Essex has found that more than 6.5 million jobs could be lost due to the economic fallout from the UK’s coronavirus lockdown, about a quarter of the UK’s total jobs.
A simply staggering number of companies have plunged into administration, from stalwart high street brands to major travel agents, as well as a whole raft of businesses in sectors such as construction. The true toll is only just beginning to be understood.
So it’s no surprise that companies which are still managing to keep their heads above water will be starting to look at deep cost-cutting measures in the short- and medium-term. With profit centres being hit like never before, cost centres such as ISO compliance will undoubtedly have fewer resources until the economy turns around.
What does this mean for the ISO compliance functions of companies that are struggling?
In practical terms, they will have to make risk-based decisions about how to allocate the limited resources that they have. And one important thing to think about is how you can use the expertise of companies such as The Ideas Distillery to outsource your compliance tasks cost-effectively with little overhead.
Certification Bodies have recognised, for the moment at least, that the world has changed significantly. Just about all have turned to ‘remote auditing’ as a way to still service clients while still respecting the lockdown. There has also been the option of postponing for up to six months in many circumstances, although this option is now starting to wind down.
Any company’s priority will simply be to put themselves in a position to survive the crisis. So when dealing with budget constraints and limited compliance resources, flexibility and creativity will be key.
For our part, when we are helping businesses in these scenarios, we always assess risk and conduct a review with the aim of identifying core ISO compliance requirements. This often entails a historic review of internal procedures and controls to identify past activities or other problems to determine where the biggest risks reside.
External industry risks such as enforcement actions brought against competitors should be considered as well, along with identifying low-risk areas where there have been few incidents or problems.
But more significantly, we help companies to determine if new, immediate significant risks have arisen due to the pandemic. Another emerging risk may exist in a company’s sales department, for example, perhaps due to the pressures of bringing in new business. This may be an area that leads to an increase in customer complaints as things are missed.
The crisis may have caused companies to find new suppliers that have not been fully vetted due to time pressures. Likewise, the pandemic may have caused substantial risks to employee safety associated with reopening businesses. This emerging risk will likely call for the development of new policies and procedures that will require close oversight by senior management.
For more information - and to see how we can help - just get in touch with us in any number of ways using on our Contact page.
Here you'll find the latest blog articles on all things compliance, particularly focussed on quality, environment, health & safety and information security.
Get a completely free, no obligation, totally tailored ISO Gap Analysis for your business...