by Chris Amponsah, Anne DeClouette, Dwight Dew, Elizabeth Pogue and Clint Wilson
Our Team 2 colleagues argue that the ISO 9000 family of certification standards is ineffective in today's business environment. We disagree, for the reasons explained below.
In brief: The first step in deciding if anything is effective is to consider what it's actually trying to do, the goals it's trying to achieve, and the objectives it's trying to satisfy. Once this is established, we can proceed to decide if a venture was successful: Did it actually succeed in what it set out to do? (Rushmer, 1997).
The purpose of ISO 9000 is to provide customers with confidence that a supplier has a documented, effective and independently verified management system. The arguments presented by our Team 2 colleagues primarily deal with management and implementation problems, rather than with the certification standards themselves.
ISO 9000 is a global certification system. The certification standards are intentionally broad, so they can be applied to companies across many industries. As a result, ISO 9000 leaves the interpretation of many of its requirements to the judgment of the managers closest to a particular company's processes. The human implementation of these standards relies on the managers' ethics to fully achieve the intended policies.
Furthermore, ISO 9000 was not designed for, nor should it be confused with, the purpose of the country-specific quality awards programs cited by our Team 2 colleagues.
Point 1: Overemphasis on Certification Achievement
Our Team 2 colleagues state that in the pursuit of ISO 9000 certification, businesses often emphasize the number of quality certificates they've attained, rather than focusing on improving the quality in the company and its products or services. They also say that quality certification programs stifle creativity by creating a mindset in which a minimum level of quality is the goal, beyond which process improvement is never realized (Larson, Lowder, Matthews, & Stites, 2007).
These problems are not the fault of the ISO 9000 certification program. Rather, management is responsible for poor results, by only requiring the minimum ISO standards to be met. The default message given to the organization, as a result, is that continuous quality improvement is not important. The executive leadership of any company sets the tone on issues of ethics, quality, safety, and other cultural attributes. They, not ISO 9000, are also responsible for setting the tone for continuous quality improvement.
Our Team 2 colleagues reference some serious lapses in safety and quality in Chinese products as evidence that ISO 9000 is ineffective. They note that as of 2007, China led the world in the number of ISO 9000 certifications. But they fail to mention that the large companies that hold those certifications are generally not the companies whose products have made such tragic headlines. Many Chinese consumer goods are produced by very small family businesses that have no interest in meeting, or ability to meet, global safety standards.
Meanwhile, the larger companies who produced unsafe products obviously were not following the ISO quality standards: Simply meeting minimum qualifications once does not automatically mean that a company will continue to meet safety standards. ISO standards simply provide a benchmark by which other companies and consumers can judge the probable level of quality standards in the certified company.
Quality design and inspection must also be completed in an ethical and responsible manner. Again, this is management's responsibility. The cited example of tire failures at Bridgestone and Firestone involved, in both cases, poor ethical judgments made by management.
Point 2 – Administration and Control
The check-the-box mentality suggested by our Team 2 colleagues can be seen not only in the ISO model, but also within many other standard-setting bodies. Tax law, financial statement audits, compliance audits, and quality audits that are written in checklist formats leave room for users to find the loopholes that invariably exist. A principle-based format, in which ethical managers voluntarily comply with the underlying concepts of the model, is a stronger model for written standards. Much of Europe, for example, uses principle-based financial reporting, in which a company is expected to disclose any and all financial information that would assist readers of the financial statements in making investment and credit decisions. However, this method of standard-setting has its own unique set of problems, and historically most US standard-setting bodies have used the checklist method.
Our Team 2 colleagues write that the broad and customizable nature of the ISO standards is a fault. Yet, these general guidelines allow use by companies in many industries, not just those involved in manufacturing. Having more specific, detailed guidelines would serve as even more of a "straitjacket" to creativity (Larson, et al., 2007). As written, the standards allow for creativity and process improvement, which are among the program's greatest strengths. The success of the program depends on the use and interpretation of the general guidelines by all employees responsible for product safety and improvement.
Point 3 – Required for Basic Survival
Complying with basic ISO 9000 standards is a hugely popular benchmarking activity. Rather than being a weakness, the spread of the certification across the world attests to its tremendous value.
The supposed weakness of cost can also be easily explained. Continuous improvement of any sort is expensive. Still, companies continually engage in it to expand their strategic competitive advantage. The cost of quality failure is generally considered to be much higher than the cost of quality improvement.
One of the arguments posed by our Team 2 colleagues is the negative impact on employees during the decision-making process: that employees had less control and less involvement in the decision-making process because of standardization. We would believe, conversely, that ISO 9000 positively impacts employees. Zuckerman (1999), for example, discussed ISO 9000 as a communication tool that is documentation-based. She asserted that when all employees are highly involved in the documentation of work procedures, they are better prepared to "perform other tasks that involve gathering, sorting, and culling information. They will be able to better monitor information flow throughout a company's supply chain, provide strategic analysis to aid a marketing or sales department, and, in the long run, maximize technology use" (p. 35). In other words, employees working in an ISO 9000 organization are better prepared to contribute to strategic planning and to the decision-making process, because they're better equipped with information about business processes and work flows.
Zuckerman went on to describe "the right way" for employees to practice ISO 9000: This includes documenting procedures, storing them for reference, proposing changes, and disseminating information. These employees are "extraordinarily prepared to assist their companies in gathering any type of information that would be of strategic value," she said.
Our Team 2 colleagues also assert that certification is an expensive process, basing their argument on research by Barnes (2000). A more recent article by Casadesús and & Karapetrovic (2005) suggested that the costs of ISO 9000 implementation and maintenance substantially decreased between 1998 and 2002.
On the surface, the costs may still appear to be excessive. However, comparing the benefits received to the cost of implementation brings to light a much different picture. Casadesús and & Karapetrovic (2005) noted "a perception that overall benefits of certification outweigh the costs" (p. 584). Using survey data, they further described the perceived benefits of ISO 9000, including:
Our Team 2 colleagues argue that ISO 9000 results in poorly perceived benefits and the stifling of long-term quality improvement. On the contrary: The Lloyd's Quality Assurance Register performed a study investigating perceptions of ISO 9000 benefits over time. This study of 400 organizations showed "that the companies which had been registered for more than five years reported greater benefits than the companies that had just completed the process. The study also suggested that companies should realize that benefits from registration may not come immediately; therefore they should look at ISO 9000 certification as a long-term investment" (ibid, p. 583).
In other words: ISO 9000 is not a "quick fix" way to become a quality organization. It is a process that takes time to change an organization into a company based on documented work procedures.
While ISO certification is more difficult for smaller companies to achieve, Renuka and Venkateshwara (2006) cited the unique benefits smaller companies gain. In India, small ISO-certified companies are more technologically advanced, implement more standard training/development, and have greater "employee-friendly" human resource management practices than their counterparts that have not obtained ISO certification. Certification also distinguishes small companies as serious entities among an inconsistent group, and often leads to business opportunities that the small company would otherwise not have received. The overwhelming support and expansion of the ISO 9000 program shows that businesses want to voluntarily comply. As far as the cost is concerned, what could be more expensive than going out of business?
Point 4 – Connections to Quality Award Programs
Team 2 points out that the ISO 9000 program does not mesh perfectly with quality awards around the world. That's because they're not supposed to mesh. They do not duplicate each other.
Because ISO 9000 is global in nature and is applied to many different industries, it has a very different purpose than the country-specific quality awards cited by our Team 2 colleagues. These awards look to identify best practices, leadership, and results. These aspects of a business are fluid, since organizational leadership and business results can and do change from year to year. That's why it makes sense to recognize these aspects with an award. On the other hand, documenting processes and the development and ongoing implementation of quality program, as ISO calls for, are more static, and lend themselves more to certification. (The certification is not entirely inflexible, though, since the standards documented can be updated.) This accounts for the reliance on audits.
The fact that companies are not nominated by customers for certification is inconsequential. Companies pursue certification to build internal quality awareness and programs. Customers generally do not care about certification: They just want a product that works as promoted. Besides, before the widespread use of the Internet, it was often nearly impossible for a company's customers to organize in such a way. Suppliers and downstream business-to-business customers, on the other hand, do care about certification, because they want assurance that the company has a quality program.
Point 5 – Lack of Management Support
Team 2 states the "unsuccessful implementation is often the result of a lack of long-term commitment by top management because of an underestimation of requirements that include time, resources, finances, and scope" (Larson, et al., 2007, p. 8). We reiterate that this is not a fault in the standards themselves, but speaks instead to the integrity and ethics of the managers who supposedly lead the quality improvement processes. If management is not motivated to comply with the spirit of the ISO family, then how much motivation would they have to support a different quality improvement program, especially if the alternative program were not so well-structured?
Companies that "plateau" often do so because they view certification as the end of a process, rather than the beginning. ISO certification is most successful when it is part of a larger quality initiative. Many of the examples cited by Team 2 illustrate this point: Many Singaporean companies did experience post-certification issues with monitoring programs, compliance systems, and management reviews, but those problems were caused by management seeing ISO certification as the means to an end, and not fully integrating quality. Similarly, it's true that Bridgestone/Firestone and some Chinese companies experienced horrendous quality problems despite being ISO 9000 certified, but the problems can be traced to bad implementation of quality, not bad standards. With any program, there will be companies that seek to circumvent its true nature, rather than embracing the benefits. Long-term executive management support is vital for any continuous improvement process, not just ISO certification.
The purpose of ISO 9000 is to provide customers with confidence that a supplier has a documented, effective and independently verified management system. The ISO 9001 standard, for example, has 20 elements describing the minimum requirements of sound business practice, and the validity of any of the requirements is rarely disputed: They include such clearly sound practices as a customer complaint resolution process, formal design reviews, testing of all deliverables, reviews of requirements before accepting contracts, and regular audits to verify compliance and the effectiveness of procedures. (Amita, 2006).
The success of any tool is directly dependent on the skill of its users. Organizations failing to gain value from their ISO 9000 registration have used the tools incorrectly.
What's more, the ISO 9000 standards simply state the mandatory elements required to assure quality in deliverables; they do not specify how to achieve compliance. When ISO 9000 critics point to massive overhead, bureaucratic procedures, unnecessary processes, slow cycle times, etc., they are describing examples of ineffective applications of the standard, not flaws within the standard itself.
We remind readers, and our Team 2 colleagues, that a four-country study testing the link between ISO registration and quality resulted in statistically significant scores in the eight quality constructs of Leadership, Information and analysis, Strategic quality planning, Human resource development, Quality assurance, Supplier relationship, Customer orientation, and Quality results (Rao, Ragu-Nathan & Solis, 1997). Considering these results, as well as other consequential benefits noted by the scholars, we remain convinced that ISO 9000 appears to be an effective means of identifying companies that embrace quality standards.