The DO's and DON'Ts of ISO 9000 implementation
“Management is about arranging and telling. Leadership is about nurturing and enhancing.â€
Thomas J. Peters (American Author and consultant, birth 1942, books: Re-Imagine)
DO's
Document your way of doing business.
Keep the documentation simple.
Document the flexibility you need in your procedures.
Use this opportunity as a stepping stone to get better efficiency in your operations.
Choose a Management Representative that is part of the management team and well liked and respected within the organization.
Choose a Management representative who has leadership capabilities.
Provide ISO training to the manager level individuals even if you are going to use an external consultant.
Provide Quality Auditor training to the Management Representative and some other key members of the organization.
Select a consultant on the basis of how well his style will fit your company culture, as well as his success rate in helping companies achieve certification. An inappropriate consultant can do a lot of damage. Check the references!
Make sure you use consultants with practical business experience in your field.
Beware of consultants that quote you a fixed cost without conducting a thorough audit of your operation. They are low-balling to get the job. Once they get it and they do get a feel of the amount of work, they will either start cutting corners to save time, which will put you at risk, or find a way to abort the implementation process in midstream after having pocketed a chunk of money.
Ask for detailed quotes from registrars that cover beyond 3-year period, which include the yearly or half yearly Surveillance Audits. Note that some certification bodies quote you for six years and give certification without renewal date or expiry date.
Lock in a registration audit date right away, so that all your organization has a clear target and stays focused. Secondly certification bodies are too busy now a days and getting a suitable date might be a problem.
Choose and treat your Registrar like a long-term partner.
Use a Registrar's Preliminary Assessment as an improvement tool, as well as to maintain momentum for the implementation.
If you feel confident that you are ready without having to go through a preliminary assessment, call for a certification audit.
DONT's
Start implementation before an experienced person or a professional conducts a gap analysis to determine exactly what needs to be done. You may go off-track and waste precious time and resources implementing unnecessary items, and missing some crucial tasks.
Implement documented quality management system just to get a certificate.
Over-document procedures: the more you say the more you commit to.
Sacrifice the operational flexibility you need for your business.
Use an expensive consulting firm as a guarantee of better results: they usually have large corporation background, and may impose inapplicable requirements to your businesses, or may send their trainees to work on your account.
Document artificial or hypothetical ways of doing business to please the auditors (from certification body).
Not commit to a target date for certification audit until you assess implementation progress.
Think that the auditor is here to fail you and worse to think that the auditor is here to give you certificate, no matter what you do.
Use an obscure certification body who may almost give you a certificate for the right price… Their ISO certificates are worthless in the eyes of the business community.
Think that a good auditor is necessarily good at implementation.
Have a Preliminary Assessment conducted by the certification body, even before you have documented your quality system.
Implement Statistical Process Control Techniques even if it does not make sense for your process.
