Continual Improvement Using ISO 9001

Improvement loop advances quality but needs more work

by Sandford Liebesman
One of the key additions to ISO 9001:2000 is a subclause 8.5.1 requirement for continual
improvement. This requirement is a definite advance over ISO 9001:1994, which relied only on
corrective and preventive action to improve the quality management system (QMS).
Subclause 8.5.1 requires the organization to "continually improve the effectiveness of the QMS
through the use of the quality policy, quality objectives, audit results, analysis of data, corrective
and preventive actions and management review." If fully implemented, this plan-do-check-act cycle
should result in iteration after iteration of improvement. First, let's look at each of the elements
of this improvement loop.
Policy and objectives
Top management must ensure the quality policy (subclause 5.3) "provides a framework for
establishing and reviewing quality objectives." Thus the policy must be translatable into measurable
objectives (subclause 5.4.1) that include the ones needed to meet product requirements while being
consistent with the quality policy. Top management's goals must be put into practice using
measurable objectives to stimulate improvement.
Audit results
The next element in the improvement loop is the "results of audits" step performed by the
organization. This element includes internal audits defined in subclause 8.2.2, peer audits, secondand third-party audits and other audits performed by the organization. Audit results provide one
tool for understanding the status of the QMS. The other key tool is the analysis of data.
Data analysis
Subclause 8.4 requires the organization to "determine, collect and analyze appropriate data to
demonstrate the suitability and effectiveness of the QMS." The data must also be used to evaluate
where the effectiveness of the QMS can be improved.
The analysis must "provide information relating to customer satisfaction, conformity to product
requirements ... and suppliers." The information must also relate to "characteristics and trends of
processes and products" and should result in "opportunities for prevention action."
Note this requirement identifies the need to translate data into information, which leads to
preventive action improvement opportunities.
Preventive and corrective actions

Preventive actions (subclause 8.5.3) are aimed at eliminating the cause of potential
nonconformities. The information from the data analysis should result in identification of potential
root causes of future problems. Corrective action (subclause 8.5.2), on the other hand, uses
information to eliminate causes of identified actual nonconformities and prevent their recurrence.
Both actions are key to continual improvement in the organization, but may result only in local, not
global, changes. Top management should make the improvements global during the management
review process.
Management review
Management review (subclause 5.6) is where the elements of the improvement process are brought
together. The review is aimed at ensuring "continuing suitability, adequacy and effectiveness" of
the QMS. It should result in opportunities for improvement and may lead to changes in the QMS,
including the quality policy and objectives.
Inputs to management review include audit results and the status of preventive and corrective
actions. Other required inputs are information on customer feedback, process performance and
product conformity, previous management review follow-up actions, changes to the QMS and
recommendations for improvement.
Mandatory outputs of the review are decisions and actions that should result in improvements in
the effectiveness of the QMS, its processes and the organization's products. Management review
is therefore the tool to assure improvement across the entire organization. The results of
management review should start the next iteration of the improvement loop.
Ancillary requirements
Other requirements that play an important role in effective continual improvement include planning,
communication, and monitoring and measurement activities. Without fulfillment of these
requirements, the effectiveness of the improvement process may be less than desired.
Planning requirements. Subclause 5.4.2 requires top management to ensure planning is carried out to
meet the requirements in subclause 4.1, which includes continually improving the effectiveness of
the QMS. Planning should be aimed at ensuring effective operation and control of the
organization's processes.
Communication. Requirements for top management and the management representative to
communicate the status and importance of continual improvement are included in subclauses 5.1,
5.5.2 and 5.5.3.
In subclauses 5.1 and 5.5.3, top management must communicate its commitment to continually
improve the effectiveness of the QMS. The requirement in subclause 5.5.2 is for the management

representative to report the performance of the QMS to top management and identify the need
for improvement.
Monitoring and measurement. The analysis of data is one of the elements of the improvement loop.
Where should the data come from? Subclause 8.1 requires the organization to "plan and implement
measurement, analysis and improvement processes ... to continually improve the effectiveness of
the QMS." Subclauses 8.2.1, 8.2.3 and 8.2.4 require monitoring and measurement of customer
satisfaction data, processes of the QMS and the organization's products.
Improvement loop problems
Although the improvement loop is itself an improvement, there are three problems with it as
defined in ISO 9001:2000:
1. No process is required. Subclause 8.5.1 states "the organization shall continually improve the
effectiveness of the QMS." As an auditor I ask, how is this done without a process to specify the
methodology?
2. Specifying "the organization" as responsible for the improvement loop is a vague statement
ignoring the real responsibility for improvement that lies with top management. I contend the
improvement loop belongs in clause 5, close to the management review process.
3. How do you measure improvement in the effectiveness of the QMS? Effectiveness is defined in
ISO 9000:2000 as the "extent to which planned activities are realized and planned results
achieved." Without a requirement for a process and associated ownership of it, the measurements
may be inconsistent and possibly even meaningless.
The telecommunications industry recognized the need to formalize the improvement loop. The
latest version of its standard, TL 9000, includes a requirement to "establish and maintain a
documented quality improvement program." But the TL 9000 handbook does not identify top
management as being responsible for the program.1
Finally, it is difficult to audit the requirements of subclause 8.5.1 if an organization has not
developed a process and identified responsibilities. The results under these circumstances will
certainly be inconsistent from organization to organization.
Revision suggestion
ISO Technical Committee 176 is starting the process of revising the ISO 9000 family of
standards. I think the committee should rethink the improvement process to make it more
consistent and effective.
Subclause 8.5.1 should be moved to clause 5 and should be a management responsibility. Top
management should understand how the improvement loop is working. The management

representative could be responsible for its effective operation. The current requirement to
communicate the status of the QMS and the need for improvement would provide the direct link to
top management.

Is There Time?

Meeting the ISO 9001:2000 transition deadline will be a challenge for some organizations

by John E. "Jack" West

The Dec. 15 deadline is fast approaching for organizations registered to the 1994 versions of ISO
9001, 9002 and 9003 to make the transition to ISO 9001:2000.

It seems as if we were finalizing the 2000 version for publication just a short while ago. But 27
months have gone by, and by the time you read this only about nine months will be left of the threeyear transition period.

I am frequently asked if there is time to make the transition and get a registration upgraded to
the new standard. My answer is always something like, "Well, that depends." Several factors
influence the amount of time needed. Let's explore two:
Whether a sector specific standard is being used.
The maturity of the quality management system (QMS).

These issues may limit the ability of the registration system to get all organizations upgraded by
the deadline. But I also expect some organizations will simply decide not to continue to hold
certificates.

Some organizations in markets with no real demand for registration may believe they have already
derived all the value they can from being registered. Others likely will be unwilling to make the
commitment or meet some of the changes in requirements. Indeed, it is my opinion that some such
fallout is desirable and could ultimately improve the credibility of the system.

Impact of Changes

While I will not discuss specific changes here, it will be useful to review the impact the changes
are having on organizations. This impact depends largely on the nature and focus of an
organization's current QMS.

As Figure 1 illustrates, the impact may be very slight for organizations with mature systems
focused on customers and continual improvement and driven by top management. It is quite a
different story for organizations that are internally focused or have uninvolved top management.
This group may find the changes daunting and their effect profound.

Sector Specific Standards

Some organizations are in industries with a document that adopts ISO 9001 and adds industry
specific explanations or requirements. For example, many companies in the automotive industry are
registered to QS-9000 and will ultimately make the transition to ISO/TS 16949:2002. Others are
registered to TL 9000 for the telecommunications industry or AS9100 for aviation and aerospace.

Most such organizations have been registered to both ISO 9001:1994 and the sector specific
document. The sector specific standard may have a later deadline than that for ISO 9001 itself.

Many of these organizations view the deadline as that established within their own sector or may
elect to limit their registration to only the sector document, foregoing or at least postponing
certification to ISO 9001:2000. In addition, many organizations in sectors with their own standards

have had to adopt fairly mature, customer focused QMSs to meet earlier versions of their
industry's requirements.

Mature QMSs

Many organizations have mature QMSs that fully (or almost fully) comply with ISO 9001:2000.
There has been a tendency for some to wait until their certificate is near expiration and upgrade at
that time. While this is not a bad thing in itself, it is having a tendency to push a lot of registrar
auditing into the last half of this year.

Organizations that are in this category absolutely need to get their upgrade audits scheduled with
their registrar or they will face a seemingly inevitable capacity problem.

But that is not the real problem. While most organizations in this category will be able to make the
transition on time, those that wait until the last minute may have missed an ideal opportunity to
make a good QMS even better. Waiting to make the transition normally means missing opportunities
and gaining little benefit.

Immature QMSs

Other organizations not really ready for the new requirements may well not have enough time to
make needed changes in the overall focus of their QMSs. It is not the changes made to detailed
requirements that may defeat such an organization's efforts, but rather the changes in overall
focus needed.

Table 1 provides insight into these changes in focus. Let's look at four of the difficult issues such
organizations with immature QMSs face:

1. Continual improvement.

2. Customer focus.

3. Top management's role.

4. Processes vs. procedures.

1. Continual improvement. While some of the people involved in writing ISO 9001:1994 say they
intended for improvement to be an integral part of the requirements, most of us never really saw it
that way.

Some organizations have spent time, money and effort to keep their real improvement activities
completely separate from their formal QMSs. Sometimes this has been because improving quality
was assigned to a different group in the organization. Sometimes it even has been because the goals
of those responsible for control conflicted with the goals of those responsible for improvement. To
fully comply with ISO 9001:2000, organizations must resolve these matters, and that takes time.

Then there is the matter of the relationship of improvement to the setting of real measurable
quality objectives. Organizations with immature systems often have not yet made the effort to
determine how to effectively measure their results. Organizations in this situation will need to
start small by developing a set of quality objectives that align closely with their business
objectives.
2. Customer focus. An internally focused organization needs to learn to focus on its customers. It
can be argued that the only real additional customer related requirement in ISO 9001:2000 is
measurement of customer satisfaction. But actually ISO 9001:2000 mentions customers much more
often than did the 1994 standard, and it mentions customer satisfaction seven times.
3. Top management's role. I expect auditors for registrars will be spending a bit more time with top
managers to determine whether they are really carrying out all the activities required of them in
ISO 9001:2000. They will need to be more fully engaged in making decisions related to the QMS
than ever before. It is time for quality professionals to quickly learn how to lead their bosses.
4. Processes vs. procedures. Then there is the little matter of the shift from ISO 9001:1994's
procedure based system to ISO 9001:2000's process based one.

Much has been written in Quality Progress about ISO 9001:2000's process approach to QMSs,1 so
I will not describe what it takes to use the approach. But it is the most important part of the
standard to get right.
While ISO 9001:2000 has streamlined documentation requirements, it has significantly increased
the emphasis on having a system made up of well-understood and interrelated processes. Each
process needs to be managed and measured. Their interactions also need to be understood and
managed to make the overall system effective.
Documentation of the system should be thought of as one way to ensure processes are operated in
a controlled manner. But documentation is only one of the needed controls. You must also monitor
and, where appropriate, measure the processes.
If you find yourself behind the time curve on the transition, you really need to carefully think
through how you will address the shift in focus so you not only comply with the new standard but
also gain the benefits it is intended to bring to your organization.

ISO 9000 and More

Bonus material and deleted scenes

by R. Dan Reid

DVDs have become a very popular form of home entertainment. Movies released on DVD often
feature bonus material and deleted scenes. Wouldn't it be nice if readers of print material could
have this option from time to time!

This is a quality publication, so to delight rather than simply satisfy readers, I offer some bonus
material unpublished in previous columns.

A Problem, Well Defined

First, what is a problem? In clause 2.10, ISO 9000:2000 discusses the use of statistical
techniques in solving or preventing problems--thus improving effectiveness and efficiency.

The word "problem" is found in ISO 9004:2000 more often, a fact we will discuss later, but it is
not actually defined in the ISO 9000 family of documents. The ISO directives specify dictionaries
to be used for definitions of common terms not otherwise defined in ISO 9000 deliverables. One
dictionary defines "problem" as "an unwelcome or harmful matter needing to be dealt with and
overcome, or a thing that is difficult to achieve."1 Most often problem solving is used in this
necessary but negative context, for example, in addressing nonconforming products or processes.

Another somewhat accepted definition of the term "problem" is anything that deviates from what
is considered normal. In the context of process management, this definition does not address
incapable processes.

For example, if an administrative process is designed so it works right the first time 80% of the
time and meets management expectations, there is no perceived problem. Managing the exceptions
is viewed as part of the job. Such a view on the part of management was a matter of great concern
to W. Edwards Deming.

In Six Sigma terms, the process in the preceding paragraph is operating at between a two and
three sigma capability. In reality, this tolerates variation in the process and creates barriers to
flow, increases lead time, drives rework and adds to cost of poor quality.

An incapable process should be viewed as a problem or an opportunity for improvement waiting to

be identified. In process management it is critical that adequate process capability be designed in
and achieved before the emphasis shifts to process control. Processes, including administrative or
support ones, should be designed to produce the desired result all the time.

Note the word "problem" is found only two times in ISO 9001:2000--in clauses 7.3.4 on design and
development review and 8.5.3 on preventive action. Most organizations place a premium on problem
solving ability. This is reflected in employee reward and recognition programs and can be
counterproductive to achieving world-class quality because it often creates a fire fighting culture
rather than one that focuses on prevention.

In ISO 9001:2000, "problem" is used in the more positive context of preventing its occurrence as
opposed to preventing recurrence (corrective action). Problems should be viewed as opportunities
for improvement. Thus, problem solving should be integral to improvement--both continual
improvement and innovative improvement.

According to ISO 9004:2000, clause 8.5.1, "Management should continually seek to improve the
effectiveness and efficiency of the processes of the organization, rather than wait for a problem
to reveal opportunities for improvement. Improvements can range from small-step ongoing continual
improvement to strategic breakthrough improvements."

Furthermore, ISO 9004:2000, clause 6.2.2.2 includes problem solving among the skills for which
training should be considered, and clause 7.4.2 recommends suppliers be evaluated, in part, for their
performance in responding to problems.

Most problem solving models have some common elements, such as identifying, containing, analyzing
root cause, implementing action(s) and verifying the effectiveness of action(s) taken. However,
there is another dimension to problem solving--complexity.

Problem Solving and Complexity

All problems are not created equal, as depicted in Figure 1. An individual can solve some problems
alone. For others, he or she will need help from other individuals, teams or experts.

The bottom of the pyramid in Figure 1 represents the simple problems individuals can solve
independently using their expertise or available tools. For example, a cut finger can be addressed
by cleansing, application of an over-the-counter antibiotic and application of a bandage. A machine
shop operator may note a trend in control chart data over time indicating the deterioration of a
drill bit and the need for a bit replacement prior to failure.

Opportunities for improvement at this level can result in continual improvement--small incremental
improvements anyone can make on a daily basis.

The next level of the pyramid represents problems too complex for an individual to solve alone. A
sinus infection may require a prescription antibiotic from your physician. A near depletion of raw
material for a machine operator due to nonconforming material in process may require earlier than
expected replenishment from a material handling person.

At this problem complexity level an individual needs the help of another--a supervisor, peer or
subject matter expert--to solve the problem. Problems in this category can also be opportunities
for continual improvement.

The next level of problem complexity includes those that require a cross functional team to solve.
These problems can be quickly resolved with appropriate cross functional input leveraging the
intellectual capital in the organization.

This is the type of problem solving alluded to by ISO 9004:2000, clause 6.6, which talks about the
need to establish two-way communication at appropriate levels within organizations and their
suppliers to provide "rapid solution of problems and to avoid costly delays or disputes."

In the late 1980s, General Electric developed and used a rapid cross functional process called
Work Out workshops to make decisions and solve problems.2 Kaizen workshops are another example
of this level of problem solving.

The top of the pyramid in Figure 1, representing the fewest but most complex problems facing an
organization, includes those that are long-term and require cross functional teams with appropriate
experts to solve. Tools such as Six Sigma, statistical engineering, design of experiments and
benchmarking are appropriate.

In clause 7.3.3, ISO 9004:2000 indicates top management should ensure appropriate people are
assigned to manage and conduct systematic reviews to determine whether design and development

objectives are met. These top management representatives should include experts. Problem
identification and correction are listed among items these reviews should include.

This is also the level in Figure 1 (p. 90) where innovation happens. Organizations typically depend on
experts for innovative improvements, which occur sporadically but provide quantum leaps in
efficiency and effectiveness. This type of improvement takes time and much work compared to
continual improvements that can be made by everyone for problems of less complexity.

RASIC (or RASCI) Charts

A RASIC (responsible, approves, supports, is informed and is consulted), also known as RASCI,
chart is a simple tool that can be used to identify roles and responsibilities in a process to make
sure ownership, approval, support, consultation and communication responsibilities are assigned. An
example of a RASIC is provided in Figure 2. Completing a RASIC requires a detailed understanding
of the process. A RASIC can be used effectively with process flowcharts.

The RASIC chart has only a few rules. Steps of a process are listed. One, and only one, person or
function is designated as responsible for each step. A person to be consulted for a given step
generally has a stronger relationship to the responsible party than a person with a support role. It
is not necessary that each step have other roles such as "approves" or "is consulted" designated.
Generally, more process definition is better if it is applicable.

Anyone completing a RASIC should carefully consider who needs to be informed at each step of a
process. Effective communication, especially in a large organization, is difficult and must be planned
and provided for. This is one of the key benefits of a well designed document control process. It
will ensure those who need to know do indeed know and those who do not need to know will not.

According to Jack Welch, former chairman of General Electric, the secret to success is to make
sure all key decision makers have access to the same facts.3 Using a RASIC chart to define who
needs to be informed can lead to process designs capable of driving effective communication all the
time.
Problem Solving and Conformity Assessment

What all this means is that there is an opportunity, at least in sector specific areas, for
independent certification bodies to drive improvement in concert with accreditation bodies and
organizations' customers.
Problem identification is usually the first step in any disciplined problem solving model. In the
course of auditing, certification bodies, as part of a cross organizational team (Figure 1, levels 3-4,
p. 90), can help identify problems in the context of opportunities for improvement. Organizations
have supplier quality and internal quality functions with resources to solve problems but are not
always aware of the opportunities that exist in their supply chains.
To address confidentiality issues between the certification bodies and their clients, accreditation
bodies could provide a buffer for communication of appropriate information to customer
organizations. Corrective action by suppliers could then be prioritized by customers based on the
significance of the problems, as recommended by ISO 9004:2000, clause 8.5.2. The result could be
improved quality and customer satisfaction with both supplier organizations and the third-party
certification process.

Use ISO 9004 To Improve Performance

It's a powerful modern business management tool

by J.P. Russell

ISO 9004:2000 is a valuable tool for improving an organization's effectiveness, efficiency and the
quality of its products and services. It is a standalone document that should be used for improving
organization performance. Quality management and business principles are deeply rooted in it, and
there are clause-by-clause links to ISO 9001:2000.

The biggest misconception about ISO 9004:2000 is that it is supposed to be used as an

implementation guide for ISO 9001. Even though ISO 9004 may promote a better understanding of
the intent of the ISO 9001 requirements, ISO 9004 is much more valuable than that.

ISO 9004 was written for top management to use. However, it is not written like a book or a
procedure. Instead, it is a technical document top managers must study to know how to use it to
improve organization performance, reduce costs, satisfy customers and improve competitiveness.

Few quality professionals and managers seem to understand the tremendous opportunity ISO 9004
represents. Most are still struggling with "what good is it?" and "why use it?" questions.

Assess Your Organization

ISO 9004 can be used for self-assessment to determine how your organization compares to the
performance improvement guidelines. The standard is a collection of statements indicating what the
organization should do. The should-do statements can be used to create a checklist for evaluators.

The ISO 9001 shall requirements are included in ISO 9004:2000 so that it will be easy to link them
to the more challenging should performance improvement guideline statements of ISO 9004. Many
of the 280 individual should statements are expanded with a list of tasks or activities that should
be considered for implementation.

Organizations may either self-assess or hire outside auditors to evaluate them against the ISO
9004 criteria. Many organizations conduct periodic self-assessments to provide fact based
information to management about how they compare to performance improvement criteria and to
better determine where additional resources should be applied.

Using the ISO 9004 criteria, organizations can assess the maturity of their quality management
system (QMS) compared to world-class performance. The self-assessment can be used to identify
opportunities for improvement. In fact, if the assessment team has the necessary resources, its
members should forecast the benefits of improving the QMS based on ISO 9004 considerations. It
is not uncommon for assessment teams to be multidisciplinary.

Organizations commonly use quality award criteria, such as the Malcolm Baldrige National Quality
Award program in the United States, to conduct self-assessments. Conducting an assessment using

the ISO 9004 criteria is not the same as using quality award criteria. But, if your organization
conducted an ISO 9004 assessment and wanted to move to the quality award criteria, it would be
like taking another step up a ladder instead of needing a new ladder.

Appendix A in the ISO 9004 standard contains useful information about self-assessments and a
maturity model to grade your organization. Organizations can also use the 57 questions provided in
Appendix A3 or develop their own questions based on the should statements. The appendix also
proposes benefits resulting from improvement actions.

Better Risk Assessment

QMS standards are really a set of controls for specified activities or actions. The standards list
activities, processes or transformations that represent risk to organizations. To better manage
risk, organizations can compare the processes they currently control to the new ISO 9004
processes and process enhancements.

Perhaps measuring and monitoring customer satisfaction of all interested parties may be
appropriate to lower management risk. ISO 9004 establishes controls to measure satisfaction of
interested parties such as local government, regulators, suppliers, bankers, union officers and
partners. ISO 9004 has also added topics such as information and financial resource controls.

The writers of ISO 9004 identified processes that could add value to an organization. Since the
clause numbering of ISO 9001 and ISO 9004 is the same for the first two number levels (8.4 in
ISO 9001 is the same as clause 8.4 of ISO 9004), it is easy to cross-reference ISO 9004 to
determine what controls could benefit your organization.

The infrastructure (clause 6.3) and work environment (clause 6.4) criteria demonstrate how ISO
9004 is more comprehensive than ISO 9001 for assessing risk.

Build a Business Improvement Model

Organizations can use ISO 9004 as a business model instead of having a separate quality system
and management or business system models. ISO 9004 allows for considering both effectiveness
and efficiency of organizations. For most companies quality and organizational wealth go hand in
hand. Quality is a vital business strategy for long-term profitability.

ISO 9004 was not written by a university professor, nor was it created by a business or quality
guru. It is probably much better than anything a single professor could construct or an inventive
author or speaker could create.

ISO 9004 is the result of input from experts around the world. It passed multiple reviews and is a
consensus standard. It is what everyone on the international committee and voting member
countries agreed is important for performance improvement.

All the pet peeves and baseless inputs have been removed. What is left are the bricks and mortar
for solid and proven business controls. The ISO 9004 guideline standard may not be as fun to read
as books such as The One Minute Manager,1 but managers, officers and business owners can count
on every sentence being important and deserving attention.

The parts of ISO 9004 that do not apply to your organization do not need to be added to your
business system. Once you determine the parts that will benefit your organization, the same
process approach as in ISO 9001 can be used to expand your business management system.

Next you can develop measurable business objectives, not just quality objectives. In fact, once
organizations implement ISO 9001, they may ask why the quality objectives are different from the
business objectives. Aren't the quality objectives linked to business risk and opportunity for
improvement?

Enhance Management Review

Using ISO 9004 at management reviews and during management planning will add value. Most of
ISO 9001 improvement is reacting--to customer complaints, audit findings and daily process

management issues. ISO 9004 is a proactive tool used to evaluate and improve the suitability of the
QMS. The comparison of your QMS to ISO 9004 at management reviews will result in
recommendations for improvement that will change the existing system. Use of ISO 9004 criteria
will lead to preventive action and continual improvement.

Because ISO 9004 links financial benefit (efficiency) and the QMS, there is greater buy-in from
top management. ISO 9004 also brings out potential upsides that will improve competitiveness.
Sure, management wants to maintain what it has, but its real need is to stay competitive in an ever
changing business environment.

Its writers recognized ISO 9004's usefulness in promoting continual improvement, so Appendix B
provides the steps to follow, whether for small step ongoing improvement or breakthrough projects.

Assess Suppliers

Many organizations have been using ISO 9004 criteria to evaluate their suppliers. The criteria are
tough, but organizations will know a lot more about their current or potential partners' strengths
and weaknesses. With this new knowledge, they can take advantage of the strengths and either
avoid or help shore up weaknesses.
A checklist referencing the should requirements found in ISO 9004 can be used once or over time
to assess prospective or existing suppliers. This assessment can be linked to due diligence
requirements needed to develop mutually beneficial supplier relationships.
ISO 9004 is probably the most powerful, yet underutilized, modern business tool in existence.
There is no question it is a worthwhile tool. The question for modern business is, how can
organizations afford not to use a consensus document outlining universally accepted criteria for
performance improvement?

Technology and World Leadership

Standards play a role during both war and peacetime

by Dale K. Gordon

This month's column will be a bit unusual in that it does not look forward so much as look back. I am
writing as the conflict in Iraq is winding down and the considerable military might of the United
States and other coalition forces was able to bring down the regime of a despot in the Middle East.

Whether this was a correct use of force is not a debate for this column, but rather the column
reflects on how the developed world, and the United States, in particular, have the technological
ability and resources to extend their influence globally. It certainly takes great leadership, but it
also takes great capabilities in manpower, materials and manufacturing.

My daughter has acquired a taste for history in addition to her other scholastic interests. This is
the same interest I enjoy--reading and understanding how societies and civilization have changed,
progressed and, in some cases, regressed throughout the ages. Last Christmas she gave me a book
by the late Steven E. Ambrose, a noted historian and a prolific writer about American history.1

While Ambrose typically wrote about significant events and historical leaders, in this particular
book he sums up his research and other facts and events related to American leaders. So what does
this have to do with standards, you ask?

As I read this book and was simultaneously attuned to world events, I realized how the confluence
of technology and political events has changed modern politics and the ability of nations to project
their ideas well beyond their borders. The book also shows the role standardization has played in
this ability.

The American Civil War in the mid-1800s and the birth of the industrial revolution a short time
later heralded the beginning of nations using technological and industrial might to impose their will
(in some cases, particularly with Germany and Japan in the mid-20th century, to impose domination).

I am sure some historians would argue this has been true since man made sharp tools or discovered
metals.

Quality and Warfare

In his book, Ambrose wrote about the great advances in technology of the late 19th century and
how this technology quickly advanced the state of weaponry and gave rise to nations with power
based on industrial might. In World War II, President Franklin Roosevelt even talked about the
United States being the "arsenal of democracy."

It's interesting to look at these advancements in technology and standardization in terms of war
and its resulting carnage. In the American Civil War, more than a million Americans were killed; in
World War I, 118,500; in World War II, 405,000; in Korea, 33,000; and in Vietnam, 46,000. The
numbers are significantly smaller and the conflicts (thankfully) shorter for the Persian Gulf War of
1990 and the recent military actions in Iraq.

The quality of munitions and weapon systems prior to and during World War II was not wholly
reliable, and any shortcomings were made up in volume. This dramatically changed during the course
of the war. Germany knew it could not outproduce the Allies, so it adopted a quality philosophy in
war production. German tanks, designed for serial development from a basic model, were of the
highest quality, as were German small arms.

For example, the MP-40 submachine gun, known to Allied soldiers as the Schmeisser, was both the
best of its kind in use by any army and one of the simplest to produce. German design engineers
simplified its components so almost all could be produced by repetitive stamping. Only the bolt
assembly and barrel had to be machined.

German secret weapons were also a testimony to the success of the quality philosophy. Although
Germany's electronics industry failed to match the achievements of the British--who consistently
produced better radar equipment of every sort and supplied the scientific and technological basis
for American industry's advances in that field--and although Germany's nuclear weapons program
was an abject failure, its success with pilotless weapons and advanced submarines was impressive.2

Most of the advances in manned flight (2003 being its 100th anniversary) have come from
investments primarily funded by military activity. We can, however, credit the commercialization of
this technology with the ability to bring people together and export products and ideas quickly and
efficiently around the globe.

We are able to work harder, smarter and more effectively because of great advances in technology
that are significantly improving worldwide living standards. Not only are diets, medicines and
engineering vastly better, but we can distribute these advances globally. In fact, understanding of
human events and global communication are improving faster than during any other era in human
history.
Standards' Role
This ability to spread the means of improving living standards has been achieved using some basic
principles of standardization for developing railroads, distributing electricity, producing medicines
and manufacturing products on modern assembly lines. Standards have also allowed the increases in
manufacturing capability that are continuing to reduce the cost of most consumer products.
While the three standards for cellular phone technology have created some shortcomings in global
telecommunications, we can still see digital images of anything anywhere on a real-time basis using
these standards.
It's remarkable most of what we discuss in the "Standards Outlook" column are consensus
standards--ones agreed on at a national or international level by global participation in a process
dedicated to making commerce and human endeavors easier and more consistent.
ISO 9001, TS 16949, AS9100, TL 9000 and many other quality standards are the results of global
efforts at rationalization of processes. Designed to be universally understood and applied, these
standards ensure the organizations employing them continuously improve, thereby benefiting not
only the organizations but humanity as well.
Throughout history, outstanding leaders and momentous decisions have shaped our world and the
political environment in which we live today. But in the 20th century (and possibly into the 21st), the
harnessing of technology and applications of industrial processes have brought the world together
and made it a smaller place. Through standardization we are beginning to behave as unified
peoples--using a common language not only in commerce but also in politics.
Standardization is not meant to stifle innovation or subvert progress. Quite the opposite, it is
intended to remove variation in processes, which can cause failure, poor performance, and
disagreements or friction between parties.

Standards Developers
Developing and producing standards is not ignoble work, nor is it likely to be a major part of
history. Standards won't bring fame and fortune to their creators. But the men and women involved
in such efforts tend to view standards creation as a worthy and fulfilling endeavor benefiting a
larger whole and a greater good.
We should, therefore, take time to recognize those who have spent countless hours of debate,
consideration and analysis to develop what ultimately may be seen as no more than words on paper.
Yet those words help guide, promote and stabilize large sectors of commerce and industry, and
ultimately benefit mankind.
Standardization can create a common understanding among people not only from a customer
satisfaction viewpoint, but also from a humanitarian perspective. It allows for mass communication
as well as mass production. Standards enable advances in technology and the ability to use it,
hopefully for a common good.
Standards are now reaching into the realm of social activities, environment, working conditions and
the treatment of workers engaged in commerce. Perhaps someday we will have standards about the
role of governments and the rights of people. In the United States we call that our Constitution.
Standardization is a language unto itself, but in the end the process is an agreement among people
that standards should not only benefit users but should allow those who develop them to take
satisfaction in their proper application.

How To Implement and Audit The Process Approach

by J.P. Russell

If you organize your management system according to how business processes work instead of by
departments or elements of a standard, you are using the system-process management approach.

There has been increased interest in the process approach ever since ISO 9001 was issued in
December 2000. It is a good approach whether you are interested in International Organization for
Standardization, known as ISO, standards or not.

One of the clever tools we can use to develop the process approach is the plan-do-check-act
(PDCA) cycle. Actually, we can say applying the PDCA cycle to how we do business is the process
approach.

The ISO standards community has provided several guidance documents to help organizations
implement and better understand the requirements in the ISO 9001 standard. These documents
are free to anyone, but unfortunately the guidance documents are seldom used.

One of the documents providing guidance on the process approach is being revised.1 The revised
document is likely to delete a section I find particularly helpful for auditing and implementing the
process approach. I am concerned that once the revised document is issued, the original version's
valuable implementation question section may not be available for referencing.

To preserve the implementation questions section for future reference, I will share my version of
these questions with you in the remainder of this column.

The Questions

The requirements for the quality management system (QMS) are defined in clause 4.1 of ISO
9001:2000. The following questions, identified by PDCA stage and by ISO 9001 clause, could be
used by those wanting to implement or audit the system-process approach of an organization.

Plan--4.1a. Identify the processes needed for the QMS and their application throughout the
organization:
Are the processes needed for the management system defined? What are they?
Are the customers of each process (internal and external) identified? Who are they?

Are the customer requirements known? What are they?

Are the process owners identified? Who are they?
Are any of the QMS processes outsourced to other organizations? What are they?
Are the inputs and outputs for each process defined? What are they?
Plan--4.1b. Determine the sequence and interaction of these processes:
Is the overall flow of the processes known? What is it?
Are the sequence and interaction of processes described in some manner such as process flow
diagrams, process maps, flowcharts or other means? What is it?
Have the interfaces between processes been identified? What are they?
Have documentation needs been decided? What are they?
Plan-do--4.1c. Determine criteria and methods required to ensure both the operation and control of
these processes are effective:
Are the characteristics of the intended and unintended process results known? What are they?
Are there criteria for monitoring, measurement and analysis? What are they?
Are economic issues (cost, time and waste, for example) considered? What are they?
Are there methods for data gathering? What are they?
Are criteria and methods considered during management system planning? How?
Plan-do-check--4.1d. Ensure the availability of resources and information needed to support the
operation and monitoring of these processes:
Are resource needs defined for each process? What are they?
Are the communication channels defined? What are they?
Does the organization provide internal and external information about the process? How is it done?
Is feedback obtained? How is it done?
Are needed process data defined? What are they?
Are needed records defined? What are they?
Plan-do-check--4.1e. Measure, monitor and analyze these processes:

Is process performance (process capability, customer satisfaction) measured? How is it done?

Are necessary measurements determined? What are they?
Is the gathered information analyzed? How is information analyzed (statistical techniques)?
Are the results of analysis known? What do the results tell the organization?
Plan-do-check-act--4.1f. Implement action necessary to achieve planned results and continual
improvement of these processes.
Are the processes improved? How are they improved? What improvements were made?
Are necessary corrective/preventive actions identified? What are they?
Are corrective/preventive actions implemented? When?
Are corrective/preventive actions effective? How is effectiveness determined?
Function vs. Process
Most businesses and organizations start off using the process approach, but as they grow,
functional departments are formed. Managing by department or function leads to more emphasis on
function performance and less on the processes for providing a value added product or service and
achieving customer satisfaction.
Whether or not your organization claims to conform to ISO 9001 requirements, the previous
questions can identify management system opportunities. Organizations that use the system
approach to management benefit in the following ways:2
Their processes are integrated and aligned.
They have the ability to focus efforts on key processes.
They have greater confidence they are operating in a consistent, effective and efficient manner.