Quality work out of Fibber McGee's closet

From time to time I've written about the question whether it's possible to achieve Quality work without having a formal Quality system. (Here is one recent post where I touch on it, for example.) In general my argument is that it is always possible, but on any large scale it becomes staggeringly difficult. From this point of view, all our Quality methods are (so to speak) just tips and tricks—gimmicks, if you will—to make it easier to get the results we want.

With this background in mind, let me tell you a story.

Once upon a time, I worked for a California startup that had just been acquired by a much-larger company headquartered in Europe. One of the new initiatives was to get us integrated into their ISO 9001 system. To kick-start that activity, Mother Company sent an Auditor out from the Old Country to do a complete review of our system.

There were a lot of mis-matches. The Auditor expected meetings to start on time, but company culture at the startup meant people usually drifted in about 10 minutes late. A lot of procedure documents were either missing or badly followed. The Auditor's opinion soured quickly, and didn't improve as the week went on.

By Dell Publications., Public Domain, Link

At one point he came to our Repair Center. This was part of the Customer Service organization, and it was just what it sounds like. Customers whose units had broken or were malfunctioning could send them in and we'd fix them. If the unit was still under warranty, the fix was free; otherwise, we'd quote a price. Also, the Repair Center sold a lot of extended warranties to customers who didn't want to haggle over a bill when they needed their unit back.

The Repair Center was housed in a space that was scarcely big enough. Cabinets were full of old equipment, with tools and supplies shoved in at odd angles. Technicians regularly had half-completed jobs teetering on the edges of their workspaces, put on hold because they had to contact the customer for clarification of a question; but meanwhile they had started work on another job. There might be more equipment under the desks. It all looked like Fibber McGee's hall closet. 

Here the Auditor drew a line. He stopped at the entrance of the Repair Center and stood stock still. He leaned in to look around, but he would not cross the threshold. I don't know if he was afraid he might dislodge something or trip over it. But he looked around, scowled, murmured quietly "This center will never meet ISO 17025," … and left.

From then on, whenever anyone asked him genially, "How's the audit going?" the Auditor talked about our Repair Center. He described as much of it as he had been able to see, and explained how many regulations it failed to meet. If anyone asked how much work he thought it would take to bring it up to snuff, he just shook his head sadly.

Sooner or later, word got to our Head of Operations. This fellow was a long-time employee of Mother Company, but he was an American; and he had been sent out shortly after Mother Company acquired us, to offer a guiding hand as we assimilated into the larger organization. So he asked for a meeting with the Auditor. I was the Auditor's official host, so I tagged along.

Head of Operations: I hear that you don't like our Repair Center. What's wrong with it?

Auditor: It's cluttered. It's disorganized. There is no control over the space or the tools or the work. I don't see how they can function.

Operations: Compared to what? Are you comparing it to the Customer Equipment Laboratory in the home office, back in the Old Country?

Auditor: Yes, exactly.

Operations: Well help me understand this. Because the Repair Center here is a profit center, that generates something like 25% of the company's annual revenue. Meanwhile that Laboratory you are comparing it to is a cost center, and every year those costs are significant.

Auditor: I'm not concerned with how the company organizes its departments financially. I'm looking at compliance and customer satisfaction.

Operations: Fine, but that's another point. Back on my desk I have a stack of customer complaints an inch thick, complaining about the Customer Equipment Laboratory in the Old Country. And in my files I have just as many notes from customers expressing gratitude for the quick and professional service they got from this Repair Center. So who's offering more customer satisfaction?

Auditor: ISO 17025 has clear requirements that laboratories have to meet, and this Repair Center doesn't even come close.

Operations: Does that standard apply to this Repair Center?

Auditor: I don't know, but I am going to check.

In the end, it all worked out. The Repair Center tidied up their space, labeled their cabinets, and adopted some rules about how to handle work if you have to interrupt it to wait for a customer callback. After some research, the Auditor determined that ISO 17025 did not apply to the Repair Center's work, and the tidying that they did was good enough for ISO 9001.

But how were they able to do such good work all along? Isn't tidiness important? Does it really not matter whether your storage cabinets are labeled?

Of course it matters. The key is that everyone who worked in the Repair Center had been there for a decade!* This was a small company, with a dedicated staff and very little turnover. They didn't bother to label the cabinets, because everybody just knew where everything was. They didn't write down a lot of their operational procedures because everybody just knew what to do. They didn't bother to label work-in-progress because everybody just knew who was working on what.

And this is a valid Quality strategy for some organizations. When the number of people is small, and when the average tenure in jobs is high, you can accomplish a lot of good work following the Everybody-Just-Knows methodology. The only problem is that this approach doesn't scale well, and it's hard to bring on anyone new when your employees start to retire or die. 

As soon as you start to grow, or as soon as you have to work with anyone new, the traditional Quality tools suddenly become a lot more useful. 

__________

* Strictly speaking I think the New Guy had been there only seven or eight years.   

        

Who should be in charge?

Here in the United States, we've just finished holding an election; so now we're taking down the signs, sweeping up the confetti, and getting back to normal. I've been browsing the Internet, reading posts where people on one side of the aisle congratulate each other, while those on the other side console each other. (As a Quality nerd, I naturally wanted to write-in W. Edwards Deming for President, but unfortunately he died in 1993.) But I also started to wonder, Does the Quality profession have anything to tell us about who should lead an organization? About who should be in charge? 

In the most immediate sense of the question, No, it doesn't. The ISO 9001 standard contains requirements for what top management shall do, and its companion volume ISO 9000 contains discussion about the concept of leadership. But there are no ISO requirements anywhere that say "Name George as CEO, and not Fred." On the other hand, if you take a step back to look at management theory more generally, it's possible to find some indications.

One of the most remarkable sources of guidance that I've found (on a couple of topics, but this is one of them) is a short essay by Peter Drucker called "Managing Oneself." Drucker's basic point in the essay is that, in order to be effective, you have to know how you work. Then organize your work along those lines, so that you can produce results. And he gives historical examples of leaders or other executives who failed to heed this advice, and who thereby undercut their own achievements.

Drucker approaches this topic from a lot of different angles, and I strongly recommend that you read the article regardless what your current work happens to be. But part of his advice on understanding how you work can be adapted into advice on who should occupy certain roles. (In what follows I have modified Drucker's terminology a bit, to make my own point clearer. But I promise he says these things. 😃)  

Specifically, Drucker points out that there are people good at thinking, and there are also people good at deciding—but they are rarely the same people. People good at thinking thrive as advisors, or technical specialists. They can analyze a situation thoroughly, and map out the three approaches most likely to succeed. But when you ask them to pick one, they see too many subtleties and hidden implications, and so they get lost trying to play out multiple chess-matches in their heads. Wait, if I move here then he'll move there, and that means I have to ….

By contrast, people good at deciding may not be able to understand all the ramifications of this or that policy unaided. They definitely need the support of their advisors or technical specialists to clarify, If you choose X, then Y is sure to happen as a result. But once they have all the facts, they know exactly what course they want to take, and they are happy to bear the responsibility for choosing it. 

With this distinction in mind, Drucker is absolutely clear that "The top spot requires a decision-maker." On the surface this may sound obvious, but notice the corollary: the top spot does not require a brilliant analyst. The CEO does not have to be the smartest person in the room, and in most cases shouldn't be. Normally, it will be better if the smartest person in the room is an advisor that the CEO can trust, who maps out the options and highlights the pitfalls of each. Then the CEO picks one, and the organization moves forward.

Oliver Wendell Holmes, Jr. once characterized Franklin Roosevelt as having "a second-rate intellect but a first-rate temperament." Most of the time, that's the right mix. 

     

Quality and Despair

It's Hallowe'en. Once again, it's time for something spooky.

This year I'm going to quote a commercial product. It's a Demotivational® poster from the folks over at Despair Inc. It starts with one of the basic commonplaces of the Quality business, and spells out the awful consequences of taking it literally.

The race for quality has no finish line;

so technically, it's more like a death march.   

Click here to jump to their site, where you can order these words of wisdom on a poster or a mug.

Happy Hallowe'en, everyone!

    

Outsourcing your evil deeds

Last week I wrote about the peculiar fact that multinational corporations seem able to avoid unwelcome regulation, at least in certain cases, by the expedient of quitting the country to go elsewhere. This approach is admittedly a bit extreme, so today I want to talk briefly about another—much more common—way that some companies try to get around rules that forbid them to do Bad Things: hire a scoundrel as an external supplier to do the Bad Thing for you. That way your hands are clean … well, more or less … and dealing with the regulators becomes his problem.

This approach has become so common in international trade that it almost passes without comment. If your company makes widgets, and if you are regularly undersold by competitors because wages in your country are so high or environmental regulations add extra costs, someone is sure to suggest that you relocate your factories to another country where neither of these considerations is in play. Alternatively you can outsource the actual manufacturing to a supplier in the other country. That way you aren't paying the low wages, and you aren't causing the adverse environmental effects; but you still get your widgets a lot cheaper than before.

Of course, any such gains are temporary. If you can save money by moving your manufacturing to Ruritania, so can your competitors. Then some other country comes into view, with even lower wages and even worse environmental protections, and everyone moves there instead. Soon countries are competing against each other in a "race to the bottom." As I have discussed in an earlier post, in the long run nobody wins such a race. But in the short run, some companies find it compelling; and after all, "In the long run we are all dead."*  

I assume that the same dynamic probably operates domestically as well. That is to say, I have no personal knowledge of any domestic companies who exist so that their clients can skirt inconvenient legal or ethical constraints, but it wouldn't surprise me. Some people don't mind sketchy work, and some people will do anything for a price. 

The good news is that ISO 9001 explicitly disallows this! Clause 8.4.2(a) of ISO 9001:2015 states clearly that:

The organization shall ensure that externally provided processes remain within the control of its quality management system; …. 

So if you design and sell a product, but you outsource its manufacture to someone else, you are still responsible for what they do.

Most of the time, this responsibility is for very practical reasons. Maybe you do much of your own manufacturing, but there's one specific process that you outsource. Well if you require that all your manufacturing equipment must be calibrated to a specific tolerance, don't you want to flow down that same requirement to the supplier who is executing this one special process? If you don't, their uncalibrated equipment might ruin all the exactitude you achieved with your carefully-calibrated equipment, and you'll have to scrap the whole lot. Nine times out of ten, or 99 times out of 100, this is the kind of "control" that really matters. Mostly ISO isn't afraid that you are going to try to do Bad Things in an underhanded way, because most people just don't do that. But ISO is concerned that when your process is executed, you get what you want.

To be clear, this clause does not mean that you have to know your supplier's business better than they do. It does not mean that you have to define the details of their operating procedures. The whole reason you are hiring them should be that they are experts in whatever you want them to do. 

Nor does it mean that if your company has to be certified to AS9100 because you are building aerospace parts, then the caterer that you hire to provide lunch has to be certified to AS9100 as well. (I hope that's obvious.)

But if you have any overall constraints that apply to all of the work inside your QMS—like the calibration example I just gave—then (where it is relevant and meaningful) you have to flow down those requirements to your supplier.

And if you happen to be the one case in 1000 who wants to get away with a Bad Thing by hiring a scoundrel to do it for you, … don't. Just don't.  

__________

* John Maynard Keynes, A Tract on Monetary Reform, 1923. Quoted many places around the Internet, for example here.       

     

When ISO 9001 Fails

This morning, Quality Digest published my article, "When ISO 9001 Fails." It's their article now so I won't post the text of it here, but you can find it by following the link. I hope you find it useful!

            

The Braganza gambit

And now, if I may digress momentarily from the main stream of this evening's symposium,* … I'd like to raise a question which relates more to regulatory compliance than to Quality per se, but which has bothered me from time to time, and which seems to lurk on the margins of other—more normal—Quality topics. (In fact I plan to discuss one of these next week, in a follow-on essay.)

The background is this: First, we all know there is such a thing as global trade. In fact, the whole point of international standards is to facilitate global trade. As I explained once in this forum a couple of years ago, "A standard is like a common language: it allows us to do business with strangers, because we know that we are both talking about the same thing."

Second, we all know there are global (or at any rate multinational) corporations. Over the course of my career I've worked for at least two companies headquartered in Europe (LM Ericsson and Robert Bosch), even though both times my local office was in southern California.

Third, we all understand more or less how companies are regulated. Some authority codifies a set of rules: those rules might be voluntary (like ISO 9001) or legally mandatory (like health and safety regulations). Then the company decides whether they want to abide by these rules. (In the case of mandatory legislation, we should assume that the answer is always Yes.) If yes, the company takes steps to implement the rules; and if they fail, there is some kind of system in place whereby someone can complain. When the authorities get a complaint they check the facts; and if the company has indeed failed to meet the requirements, the authorities react accordingly. In the case of ISO 9001, the responsible Certification Body can decertify the company; in the case of legal noncompliance, the relevant government can impose civil or criminal penalties.

Now finally here's the question: How do you regulate an international company?

I fear that the answer may be: Mostly you can't. I'll explain why, but I would be delighted if you can show me where I am wrong.

Let's say that some local company violates a local regulation. Government inspectors come out to check the status, and—depending on the severity of the issue—they might give the company written notice to correct the problem in a defined time, or they might padlock the doors. If company personnel try to interfere with the government inspectors, they can be arrested. And since it's a local company, that's all it takes to stop them doing whatever Bad Thing they were doing. Problem solved.

Suppose that the company has multiple branches in the same state: then, depending on the nature of the Bad Thing that Law Enforcement is trying to stop, they might have to take a heavier approach. Or they might leave the branches alone but target headquarters. If the company has branches all over the United States, Law Enforcement has to get more ambitious still, because sometimes state laws disagree (so the Bad Thing might be legal in another state). Also, local Law Enforcement is unlikely to have jurisdiction in another state, and so will have to coordinate with other agencies in order to stop the Bad Thing once and for all.

But if the company has offices all over the world, then what? The very most that American Law Enforcement authorities can possibly do is to arrest whichever company personnel happen to be located inside the United States. But they are powerless over the offices in Ruritania or Grand Fenwick.    

In the ordinary course of things, a multinational company will probably find it convenient to comply with routine local regulations, because they will see those regulations as just a cost of doing business. As long as the opportunities in a country are bigger than the costs, they are likely to cooperate. But this cooperation is strictly a voluntary choice on their part. In an extreme case, they can always shut down the local offices and leave.

This strategic departure from a country because you don't like the laws is what I call the Braganza gambit. The Braganza family ruled Portugal and the Portuguese Empire from 1640 until 1910. During the Napoleonic Wars in the early nineteenth century, Napoleon Bonaparte installed many of his relatives in thrones across Europe. His method—used for example in the Peninsular War against Spain—was to defeat a country and capture the royal family; then he could force them to abdicate in favor of one of his relatives and move on to the next country.

By Lumastan - Own work, CC BY-SA 3.0, Link

But not in Portugal. The Braganzas saw what Napoleon was doing and realized they were next. So they moved the entire royal court to Brazil, which was at that point part of the Portuguese Empire. When Napoleon conquered Lisbon, the royal family was nowhere to be found. (In the end they liked it in Brazil, and didn't move back until 1821—long after Napoleon was no longer a threat.)

So there you have it. Multinational corporations have the privilege—unavailable to local corporations—that they can (within limits) decide which legal regulations they feel like following. And in case any regulation is too burdensome for them to tolerate it, they have the option of leaving the country.** 

If a multinational corporation decides to use the Braganza gambit to avoid an onerous regulation, about the only leverage the abandoned country has is to close its markets. "If you won't abide by our rules, you can't sell your goods here." Whether that's a meaningful threat depends very much on the particular details, and of course sometimes the same maneuver plays out in reverse: a company might refuse to sell into a certain country until this or that policy is changed. It is hard to generalize about how effective either tactic is.*** 

What do you think? Am I wrong? Is there something I've neglected?

Or can multinational corporations escape troublesome regulation just by moving abroad? 

Please leave me a comment with your perspective. 

__________

* Tom Lehrer, introduction to "The Elements," Reprise/Warner Bros. Records, track 4 on An Evening Wasted With Tom Lehrer, 1959, LP record.  

** There's even a related line of thought that protects international organizations. Concretely, if you or I (as private citizens) feel wronged by some decision from an international organization like the WEF or the ISO, we may find it hard to sue them for redress because it's not at all clear which court—if any—has the appropriate jurisdiction.

*** Certainly this is the logic behind international economic sanctions, where—in this case—one government requires all the companies subject to it to avoid business in another country until that other country changes its policies. When small countries are subjected to coordinated sanctions, the effects can be crippling. When large countries are subjected to them, the results are not so immediate. Consider, for example, this recent video by a YouTube creator "Eli from Russia," who publishes travel information (and strictly avoids politics). She describes the impact of sanctions on Russia, and the results have been (to say the least) not uniform.

    

What's "proportionate"?

When the ISO 9001 standard requires you to take action to address your risks and opportunities, it includes this admonition in clause 6.1.2: Actions taken to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and services.

OK, I guess that's fine, but what does it mean? What does it take for your actions to be "proportionate" to the risks they address?

The word is never defined—or at any rate, neither ISO 9001 nor ISO 9000 define it. But intuitively I think we all have a sense for what it means, don't we? The basic idea is ancient: Nothing in excess.* If you face a risk that might, at worst, cost you $100, then it is foolish to spend $1000 to prevent it. That cost, or that level of effort, is disproportionate to the $100 downside that you face from the unmitigated risk. Most of the time, we probably don't need a definition more exact than that.

But "sometimes the clearest way to explain what a rangatang [sic] is, is to 'tell what it ain't.'"** A couple of months ago, I stumbled upon a blog post from 2016 that explains the concept of disproportionality with crystal clarity. The author of the post—Quinn Dunki of Blondihacks—just wanted to set up an automated cat feeder, so that her cat would be fed on time and she didn't have to watch the clock every day. Simple, right?

Turns out her cat had a different idea. Her cat's idea was, "How do I get this machine to give me more food than Quinn wants me to have?" So Quinn had to make some adaptations to her automated cat feeder, to protect it from the prying paws of her cat. As she says at the opening of her blog post, "The trick is to be smarter than the animal with a brain the size of a walnut."

But of course, Quinn worked on this problem part-time, and her cat worked on it full-time. 

You can read the results here.

In the end, Quinn won. But I'm pretty sure nobody would say that the effort she expended was proportional either to the benefits she gained or to the risks she was avoiding.

Verbum sapienti sat. 

__________

* "Μηδὲν ἄγαν" was one of the three proverbs said to have been inscribed at the entrance to the Greek temple at Delphi. See here for more information.  

** Owen Ulph, The Fiddleback: Lore of the Line Camp (San Francisco: Browntrout Publishers, 1995), p. 23.