Substandard Information

ISO 9001 misunderstandings cause negative first impressions

by T. Dan Nelson

I first heard about the ISO 9001 standard as a graduate student at the University of Iowa. It was lumped in with other acronym-ridden quality initiatives, such as just-in-time (JIT) delivery and total quality management (TQM). I didn’t pay close attention to ISO 9001, not having any idea how familiar I’d become with it in the years to come.

After finishing graduate school, I moved to Colorado. In 1994, I began my career with ISO 9001 after a small circuit board shop hired me to write its work instructions. The organization was in pursuit of ISO 9002 certification and needed to document its quality management system (QMS).

I was hired as a temporary, full-time technical writer to develop lower-level work instructions. The quality manager was already working on customizing prewritten system-level procedures he’d found in a popular book. If only I knew then what I know now.


A year and a half later, I completed the work instructions and left the circuit board shop with a bad taste of ISO 9001 in my mouth. But the best job I could get was—you guessed it—writing work instructions for another company in pursuit of ISO 9001 certification. I did that for a few months before I was called back to the circuit board shop.

The quality manager announced he was leaving the organization, so I was asked to help the shop become certified, and I obliged. Following the advice of my boss before his departure, I requested the organization send me to ISO 9001 lead auditor training.

Training was a week-long whirlwind that left me with more questions afterward than I had going in, but I passed the final exam with no problems. I thought I understood the training as well as anyone else and that working for a certifying body would augment the training provided.

Much of the course focused on the individual requirements of ISO 9001, and it left me thinking that organizations documented their QMSs merely to pass ISO 9001 audits. Years later, I would understand that passing audits is a secondary objective of QMS documentation.

Most of the principles of quality management contained in ISO 9000—from which the requirements of ISO 9001 are derived—are straightforward and don’t require strenuous training. The process approach, however, was a principle contained in ISO 9000 that did require further explanation for many lead auditor trainees, but just like the principles, it was only briefly addressed.

Nobody at the shop liked the ISO 9001 procedures that were created. They were confusing at best. But the shop passed the registration audit with flying colors. After it was certified and the party was over, my job was finished, and it was time for me to find another one. The taste of ISO 9001 in my mouth had gone from bad to worse.

Again, as I looked for work, the best job I found was—you guessed it—writing documentation for a company in pursuit of ISO 9001 certification, and I was hired on a contract basis. After several months of writing lower-level QMS documentation and being able to show a few years of ISO 9001 experience, I found full-time work as a consultant trainee.

Process vs. standard-based approach

My newest employer was a small British consulting firm. Not only was I trained to be a management consultant, I also learned what ISO 9001 was really about. The basic lesson of my training was that procedures were supposed to describe actual organizational processes—not the standard’s clauses and subclauses.

Until that time, I thought ISO 9001 required 20 procedures. That’s what my books said, and that’s what everyone else was doing. It wasn’t even a question.

After the release of ISO 9001:2000, there was a problem with the books available for guidance on the standard. None of them appeared to explain the process approach promoted by ISO 9001:2000. The book I had previously used contained 20 procedures, intended to be cut and pasted into any organization’s QMS documentation. Why 20 procedures? There was one to address each of the 20 elements of the 1987 and 1994 versions of the standard, of course.

I discovered, like many people, I was viewing ISO 9001 incorrectly. Unlike my previous training courses, my new employers set me straight.

ISO 9001 never required a certain number of procedures. The approach promoted by popular books and my previous trainings was contrary to the process approach promoted and required by the standard. This standard-based approach contradicts the standard’s endorsement of the process approach.

The number of procedures required by an organization’s management system depends on the number of processes defined as being needed for the system to function. Some systems are properly defined by 10 procedures, others by 30. That’s a feature of the process approach. Documentation is focused on processes—pursuant to plan-do-check-act cycles—rather than being focused on clauses of ISO 9001.

I’ve been using and promoting the process approach ever since 1998. It makes good sense in any organization. Why wait until ISO 9001:2015 requires it to reap the benefits of applying a process approach?

T. Dan Nelson is the principal at T.D. Nelson in Denver. He earned his MBA from the University of Iowa in Iowa City.

would it be a good idea to train / seminar standards in schools / colleges etc. in a country

Aylin N. M.

--Aylin N. Minikus, 05-18-2016

--Catherine Narva, 08-19-2015

This article sounds so familiar as I too went through the same process described therein. Fortunately, I took a plethora of courses so the transition to a process approach happened for me much earlier. The pain of transition can only be met with education and understanding. The ability to think through the requirements is important not just the interpretation.
--Forrest Rudnick, 08-19-2015

Very good description of a (continuing) misapplication of the idea of standardization of Quality Processes! Even now, I am dismayed at the number of (even ASQ-promoted) offerings to help people "avoid mistakes in interpretation" of the new standard version. If the Standard isn't self-evidently clear, it isn't written well! Registration will require agreement with the auditor - so if you need any 'help' at all, you are best to ask them in the first place. Independent verifications are fine, but I still believe that the MARkET is the best indicator of quality success. If YOU satisfy the customers better (whatever your system is), then you will do better than your competition (whatever certificates they may have).
--Steven Cooke, 07-14-2015

Average Rating


Out of 3 Ratings
Rate this article

Add Comments

View comments
Comments FAQ

Featured advertisers