Last week's post triggered a lot of discussion, mostly on LinkedIn. One of the topics was over the fundamental purpose of the ISO 9001 standard: is it primarily a tool to use internally (for continual improvement), or externally (for certification)? In the end, Christopher Paris resolved the question by explaining in detail the history of the standard's development, and showing that external certification was baked into the concept from the beginning.
But I'd like to suggest that the same conclusion should have been clear even without knowing the history in a lot of detail. It all stems from the basic nature of standards in general.
Why do we need standards? A standard is like a common language: it allows us to do business with strangers, because we know that we are both talking about the same thing. Whenever a market gets full or busy or complex, whenever there are many people buying and selling from each other, you need standards that everyone can align on. The alternative is chaos. This is many times truer when trade crosses international borders.
The Last Day of the Sale, by George Bernard O'Neill |
And in fact many of the standards issued by the ISO are technical standards whose whole purpose is to ensure that common products align to uniform specifications around the world, so that you can buy them anywhere. ISO 3290-1 and ISO 3290-2 specify the uniform characteristics of ball bearings. (ISO 3290-1 covers steel ball bearings, while ISO 3290-2 covers ceramic ones.) As a result you can buy your ball bearings from any manufacturer, anywhere in the world, who complies with these standards—and you are guaranteed that they will fit your application interchangeably with the ball bearings you already have. Knowing you can rely on this uniformity is tremendously valuable.
In the same way, if a company follows ISO 9001, then we think we know something about them even before we place our first purchase order. We are not guaranteed that their products are flawless! But if they follow ISO 9001, then at the very least they should have (for example) some kind of system in place to evaluate orders before accepting them. They should have other systems in place for handling customer complaints, in case there are any. And so on. Knowing these things gives us greater confidence about doing business with them, or it should. (In exactly the same way, the whole point of the proposed management system standards to support the UN's sustainable development goals, which I discussed at some length last month, is to provide a common and uniform frame of reference so that companies who want to explain what they are doing to advance these goals can trust that they will be understood.)
But wait—if a company tries to persuade us that they have reliable systems in place because they follow ISO 9001, why should we believe them? Because they say so? People can say anything. The only way that the ISO 9001 standard can possibly do its job as a standard—the only way it can make good on its promise of uniformity—is if there is some objective way to tell the difference between companies that have implemented it and companies that have not. This is the point of certification (or it is supposed to be). Someone external, someone objective, someone who does not have a stake in the success or failure of the company under evaluation—that person has to come out, look around, and then tell us whether the company's implementation of ISO 9001 is real or sham. Without that step, ISO 9001 can no longer be a standard; and whatever residual value it might still have as a source of moral exhortation, it has always been sold to the world as a standard.
So I think the need for external certification is necessarily part of the whole concept behind ISO 9001. And it does not surprise me, therefore, to learn that the history bears this out.
No comments:
Post a Comment