Part III. The Essence of Aligning Management Systems with ISO Standards
The dynamics of global trade is shifting. Increasingly, products and/or services are being shaped across multiple countries (and across multiple organisations) before becoming customer-ready. This boom in global value chains – the international fragmentation and dispersion of processes involved designing, producing and delivering goods and/or services – highlights the need to harmonise the differences that may exist among the technical regulations and standards developed independently and separated for individual nations (and individual organisations). Adopting international standards – identifiable, clearly-defined specifications that have global consensus – represents one way of preventing or overcoming the technical barriers that may arise in international commerce. Furthermore, international standards ensure that organisations involved in global value chains are operating efficiently and safely, while providing high-quality products and/or services.
The International Organisation for Standardisation (ISO) represents the world’s largest developer and publisher of international standards. Of these ISO standards, management system standards are the most famous and most heavily implemented. ISO management standards provide guidance in developing the foundations for managing a multitude of issues that exist across the breath of individual organisations (e.g. quality, health & safety and environment) and/or individual industries (e.g. automotive, telecommunication and food safety).
Some ISO management standards are industry-specific and are primarily designed as guidelines for organisation orientation. These standards essentially function as technical specifications that apply to industry-specific processes. Other, ISO management standards embrace a more generic approach – providing broad applicability – for the purposes of certification. In this context, certification relates to written assurances that an organisation’s processes conform to the requirements of an ISO management system standard(s). The ability be relevant across a range of organisations – irrespective of organisational size and/or specificity – makes generic ISO management standards the popular choice for organisations seeking to create and consolidate commercial bridges, both domestically and internationally. Generic ISO management standards are not typically prescriptive, but rather provide a reference framework – consisting of milestones and after-care instructions – from which organisations can design and implement management systems that best meets their needs. Therefore, individual organisations can focus on pursing their own unique objectives without being burdened with perpetually complying with ill-matching requirements.
Through implementation, ISO management standards ensure that materials, products, processes and services are fit for their purpose. Most ISO management standards share certain commonalities:
- Top-management responsibility. Leadership from top-management forms the foundation of the management system. Top-management needs to be involved, provide support and ultimately take responsibility for the organisation approach for meeting requirements from both external (e.g. customers) and internal (e.g. organisational policies) sources.
- Plan-Do-Check-Act Cycle. This cyclic process approach provides the underlying blueprint for management system activities and for the continual improvements of the management system (and organisation):
- Plan – Establish processes, address risks and opportunities, and allocate resources for achieving organisational objectives;
- Do – Execute processes.
- Check – Monitor and evaluate processes, and report on performance (including problems, non-conformities, inefficiencies and/or opportunities for improvement).
- Act – Determine and eliminate root cause(s) of process deficiencies so that the next cycle can proceed with a better performance base-line.
- Risk-based thinking. There is increased emphasis on establishing risk-based thinking as the basis of ISO management systems. As most organisational decisions involve some level of risk-assessment, there is a shift towards making risk-management an important cog in organisational operations. From an organisational standpoint, risk-management should not only be allied with potential adverse outcomes, but also with potential opportunities.
- Management system improvement. Not only do organisational processes need to be continually reviewed and improved upon (i.e. Plan-Do-Check-Act Cycle), the culture of continual evaluation and improvement needs to be woven into the fabric of the management system (and organisation) itself.