Featured Product
This Week in Quality Digest Live
Risk Management Features
Jón Bergsteinsson
Understanding the standard is essential
Megan Wallin-Kerth
Or, how mistakes factor into a kaizen mindset
Shaneé Dawkins
Learn how to spot and avoid common phishing tactics
Gleb Tsipursky
Tension between desire for flexibility and perceived need to be visible for career advancement
Scott A. Hindle
Part 2 of our series on SPC in a digital era

More Features

Risk Management News
Providing practical interpretation of the EU AI Act
A tool to help detect sinister email
Developing tools to measure and improve trustworthiness
Streamlines annual regulatory review for life sciences
Adds increased focus on governance
Educational offerings available in Santa Clara in December 2023
Greater accuracy in under 3 seconds of inspection time

More News

Steven Severt

Risk Management

Have You Truly Integrated QMS Requirements Into Your Business Processes?

Implementing ISO 9001 will add incredible value to your business, but only if you let it

Published: Tuesday, July 27, 2021 - 11:02

When it comes to ongoing certification of your quality management system (QMS), whether it’s certified to ISO 9001, ISO 13485, IATF 16949, or AS9100, how many times have you found yourself “preparing for an external audit?”

Picture the scene: You’ve got the dates set on the calendar months in advance for when the certifying body (CB) auditor will be onsite. For several weeks, you’ve been communicating in company memos and meetings about the upcoming visit. You’ve started to lay out Gannt charts and action-item lists for things that you need various departments and individuals to check up on and clean up as you inch closer to the arrival day. You’ve developed a carefully curated path to lead the auditor so that they see only the things that you want them to see. You’ve trained personnel in that area on the proper responses to auditor questions. You must make sure that everything appears to be in order when the auditor arrives.

Notice the statement, “Everything appears to be in order.”

ISO 9001:2015 Clause 5.1.1 c) states simply that it’s top management’s responsibility to “...demonstrate leadership and commitment with respect to the quality management system by... ensuring the integration of the quality management system requirements into the organization’s business processes.”

Manager, if you’re going to such great lengths to keep up appearances ahead of a third-party audit, have you truly met the requirement of ensuring that the QMS requirements are integrated into your business processes? Are the requirements of the QMS standard truly representative of how you are conducting business?

Obviously, the answer here is, “no.”

With a long career in quality engineering and an active consulting business that offers QMS implementation and auditing, I cannot express how often this clause in ISO 9001 is glossed over without the organization giving a second thought to how well the standard and its requirements are truly understood and integrated into the business. Companies of all sizes are often going about their daily business activities in one way, then scrambling to understand their QMS requirements ahead of audits to clean things up well enough to appease the auditor on audit day. Or worse, they’re scrambling during the audit itself to keep the auditor’s attention focused on the right areas and people rather than all the known problem areas that will cause them to doubt the QMS requirements have been properly implemented.

If you’ve ever found yourself texting a colleague during the audit to warn that the auditor was heading their way, you may know a bit about what I’m saying.

If any of this is bringing up flashbacks of audit preparations you’ve recently had, you might want to think about whether you have truly met the requirements to integrate QMS requirements into your business practices.

But let’s consider an alternative: Don’t prepare for third party audits. When your team asks you, as manager, what to do to be ready for the third-party auditor, simply state, “Nothing.”

Instead of preparing months in advance for an external audit, carefully curating paths you want the auditor to see, and training shop-floor personnel on what to say in response to certain questions, start to understand the audit as it is intended to be: a snapshot of your QMS in its current state. Start to see the auditor as they are intended to be: a partner to help you understand areas where your system is weak, or where quality system requirements are not fully implemented so that these items can be improved.

It doesn’t do anyone any good not to have all the cards on the table when the quality system is being assessed. You might pass the audit and gain or retain your certification, but you’re not challenging yourself to improve your QMS and, thus, are not going to truly benefit from the requirements so they can help you improve your business processes.

Manager, if you truly want your QMS to add value to your organization—which a properly implemented QMS inevitably will—then you need to make sure you understand the requirements of the QMS standard that you’re certified or certifying against.

The clauses of popular quality management standards, such as ISO 9001, are built based on decades of defined best practices, and they’re intended to be integrated with one another as well as the business practice. You, as top management, have a requirement to own and support the QMS, and to ensure that it’s truly integrated into your business. Throwing some buzzwords in your quality policy from the documentation template package that you purchased online or were handed from a consultant isn’t going to make you truly compliant to the requirements of ISO 9001.

Even if you can successfully trick an auditor with a superficial QMS implementation and blitz efforts ahead of the audit to put on a good show, doing so will rob you of the opportunities to improve your business processes, customer satisfaction, and the overall increased profitability that would come from truly embracing the precepts outlined in your QMS.

Implementing ISO 9001 or similar standard will add incredible value to your business, but only if you let it.


About The Author

Steven Severt’s picture

Steven Severt

Steven Severt, who writes for isoTracker QMS, is a quality management professional with nearly two decades of experience in the automotive and medical device industries. He has extensive experience launching and supporting manufacturing processes to supply automotive OEMs as well as developing, supporting, and auditing quality management systems that adhere to the requirements of ISO 9001, IATF 16949, ISO 13485, and 21 CFR 820.


Too true

Perfect description which can be summed up as 'do as you say, say as you do". The trick? Well... there is no trick. Do what you say and actually say what you do.

Have you Truly Integrated QMS Requirements Into Your Business Pr

INCREDIBLY well said and so very true. Sadly, most managers either don't understand the concept or just refuse to commit to it. They would rather waste time and money talking in tired cliches and building smoke screens than practicing what they want to claim.