Featured Product
This Week in Quality Digest Live
Standards Features
Mark Hembree
Rumors about ball performance meet quality assurance
Grant Ramaley
FDA seeks to align Part 820 with ISO 13485:2016; why that may not be enough.
MSMEs are encouraged to uphold the highest standards
Steven Brown
21st-century standard candles at NIST

More Features

Standards News
US Dept. of Commerce issues seven grand challenges
Requesting quotes for ‘Baldrige Reimagined’
Standards-based audit checklist and best practices provide support for growing technology in aerospace
Accelerating the adoption of digital twins in building industries
Tactics aim to improve job quality and retain a high-performing workforce
Demonstrating a commitment to keeping people safe and organizations running
Making the new material freely available to testing laboratories and manufacturers worldwide
Run compliance checks against products in seconds
Aug. 25, 2022, at 3:00 p.m. Eastern

More News

Arun Hariharan


Is Poor Quality ISO 9001’s Fault?

Or is top management the problem?

Published: Tuesday, October 6, 2015 - 11:02

The chairman of a large company once ridiculed ISO 9001, saying, “Even the municipal office of this city is ISO 9001-certified, and we all know how bad the municipality is. I don’t believe ISO 9001 can do my business any good.”

The chairman had similar uncharitable things to say about other quality methodologies, such as business excellence, lean, Six Sigma, and so forth, so his comment wasn’t about ISO 9001 vs. other quality methodologies. It reflected a lack of belief in quality management systems or practices altogether.

Now, is this ISO 9001’s fault?

Over the years, that chairman’s comment has remained in my mind as an example of some senior business leaders’ attitudes to the discipline of quality.

A month ago, I began a discussion on LinkedIn’s ISO 9001 group. I shared the chairman’s comment with this large group that consists primarily of quality professionals. I asked them if they agreed with the chairman that poor quality was ISO 9001’s fault, and invited them to share comments or related experiences. I’ve received more than 150 responses from around the world, ranging from, “We should take the chairman’s criticism seriously” to, “The chairman is an idiot.”

I found the group’s responses to be extremely interesting and insightful. I also observed that most responses seem to fall in one or the other of the following categories:

‘It’s the organization’s fault’

The largest number of respondents seem to think that the “fault” lies not with ISO 9001, but with the organization itself, particularly its leadership or top management. They question the spirit in which ISO 9001 is implemented in many organizations. According to this view, ISO 9001 (or other models, for that matter), are tools, and it’s up to the organization to decide whether to derive real benefits from the model in the form of quality products and services for customers, efficient processes, and continuous improvement. A number of respondents blame the short-term outlook of many business leaders, and report that they’ve seen organizations that just want the ISO 9001 certificate “to hang on the wall” for image purposes. “Then why blame the model?” they ask.

One respondent commented, “What the organization does when the auditor is not present has a larger impact. I’m always amused by those who, just prior to an audit, scurry around fixing noncompliance issues and never really grasp that the existence of these nonconformities (NCs) suggest a need for actual improvement.”

Another respondent says, “The attitude of the top management toward the QMS is of vital importance. Managers must learn that quality is not less important than time and money.”

A third points out that many organizations have “ISO 9001 processes,” which are distinct and not to be confused with the company’s “real” processes. He says that the ISO 9001 processes exist only on paper, to be shown to the certification body (CB) auditors once a year. I can’t put this better than the respondent who says, “In the month leading into an annual CB audit, managers and staff run around like chickens with heads cut off trying to catch up and prove some form of compliance to ISO 9001 for the annual surveillance audit. Then it’s back to business as usual.”

Another person points out that companies’ projects are driven by cost and schedule. “Usually, cost is the main driver for their own company, while schedule is driven by their clients,” he says. “Nobody talks about quality until something goes wrong. Very few quality managers would be allowed to stop the work process when a nonconformance is found.” (Lean experts call this jidoka—stopping work when a defect is first found to identify the root-cause.) Essentially, the point here is the lack of focus on proactive preventive action.

In this context, another comment struck me as positive and particularly significant: “We do not do anything to get ready for a 9001 audit. We’re always ready.”

A similar comment was, “If top management isn’t on board reviewing the health of the company and taking corrective actions, then it won’t work. And if they already do that or are interested in doing that, then adapting their company to ISO 9001 will be fairly simple.”

I’ve noticed that organizations that have real processes in place—for real work for real customers—are the ones that are always ready for an audit.

 “Quality policy statements are usually signed off by the CEO because according to the standard, it’s top management’s responsibility to frame the quality policy,” commented another respondent. “However, having signed the quality policy, how many CEOs really follow it when it comes to business decisions?”

An internal auditor says, “Usually management pressure renders the audit useless. In a recent internal audit, I got warned by senior management for pointing out a noncompliance.”

Another commenter noted, “A company has to pursue implementation for the right reasons and continually improve its QMS with integrity. If it’s simply a marketing ploy, it will eventually be seen internally and externally for what it is and lose support to the point of failure.”

Many organizations go for ISO 9001 certification because a customer insists on it, or—as this respondent puts it—as a “marketing ploy” to attract customers. An important point is being made here that such tricks are quickly seen through by customers. After all, which customer will tolerate a supplier or vendor that delivers poor quality—even if that supplier is ISO 9001-certified?

In my opinion, companies with poor quality and no real intention to improve are better off without an ISO certificate than with one. Having an ISO 9001 certificate can raise the expectations of your customers, and you will be in bigger trouble with them if you deliver shoddy quality. I’ve seen customers make snide remarks to such companies: “Aren’t you ISO 9001-certified? Who gave you the certificate? How can an ISO 9001-certified company deliver such poor quality?” and so forth.

Here’s another interesting comment: “If a person buys a new John Deere merely to display it on the showroom floor as a decoration, it has only minimal value. For the person who uses it to plow and cultivate crops all year, the tool is a critical part in achieving results. ISO 9001 is a tool. You have to put it to work to tap its value.”

These responses seem to indicate that a number of organizations and their leaders go for ISO 9001 certification for the wrong reasons—some short-term requirement such as a customer insisting that its suppliers must be certified, or just getting a “wall certificate” for image purposes.

An experienced ISO 9001 auditor and consultant comments, “In nearly every audit where the standard was ‘implemented,’ it was the intent of the management team to look good and/or implement the system because of an outside influence. In my 30 years of auditing, I can honestly say I have found less than 10 companies that have fully implemented and supported the standard.”

Clearly, one shouldn’t be surprised if such organizations get no real benefits from ISO 9001, nor blame the standard for this.

On the other hand (and I’ve seen this myself), for companies where leadership is genuinely interested in quality for their customers and continuous improvement, ISO 9001 certification can be a very useful tool. I’ve noticed that these companies treat the ISO 9001 certificate as more of a byproduct than the main purpose of their quality initiatives.

As one respondent puts it, “If CEOs and senior managers have a desire and goal to improve the service or product they provide, and truly want to make their business more efficient, then certification becomes a byproduct of the process.”

Several people pointed out that ISO 9001 is not an end in itself; an ISO 9001 certificate is no guarantee of quality products or services. On the other hand, ISO 9001 can be a great means or guideline, if genuinely followed, to continuously improve the quality of the business for its customers and build a competitive edge. In my experience, this is entirely in the hands of the organization and its leaders.

I like to think of ISO 9001 (and other standards, business excellence models, and quality methodologies) as similar to a list of important health-related measurements prescribed by a doctor. A person who is genuinely interested in maintaining long-term good health will measure herself against each recommendation, and work toward staying within the healthy range. Perhaps the critical chairman's comment is like saying, “I know someone who took the list of health-related measurements from his doctor and died. Therefore, health measurements are useless.” They are, if nothing is done to achieve them.

‘It’s ISO 9001’s fault’

A much smaller number of respondents think that it is indeed ISO 9001’s fault.

One person thinks that ISO 9001 can’t instill “management vision” or measure it, and therefore it fails. Another commenter is of the opinion that it’s the fault of registrars and accreditation bodies because they have “lowered the bar” and allowed the certification process to deteriorate into something that "every organization can get.”

A third respondent says, “ISO 9001 has not (until the 2015 version) placed the responsibility back on the management staff as a whole as TQM does.” He seems to be referring to the changes in the revised version ISO 9001:2015, where quality policies and objectives are expected to be compatible with strategic direction, and QMS requirements are integrated into business processes.

My own experience is that no model can instill serious management involvement; it must come from within. An individual or group that have higher levels of conviction and greater buy-in can play an influential role in spreading the quality culture throughout a company, and also create higher levels of expectation for quality within senior management. Higher expectations lead to greater seriousness, involvement, and ultimately, results. 

ISO 9001 vs. other quality methodologies

A couple of respondents interpreted the chairman’s comment to mean that ISO 9001 is inferior to other models like lean, Six Sigma, or TQM.

As I mentioned at the beginning, though, the chairman had similar skeptical things to say about other methodologies, so it’s clearly not about the methodology.

My own experience in a number of organizations is that any methodology (or combination) can give good results if there is seriousness, high expectations, and involvement on the part of top management. In the absence of seriousness from top management, no methodology can provide sustained results.


I’d like to acknowledge and express my gratitude to everyone who shared their valuable comments in the discussion “Is this ISO 9001’s fault” in the ISO 9001 group of LinkedIn. Readers are encouraged to view the entire discussion (see link at the beginning of this article) to see the names of all the participants and their comments. And the discussion is still on—your own comments are welcome, too.


About The Author

Arun Hariharan’s picture

Arun Hariharan

Arun Hariharan, author of Continuous Permanent Improvement (ASQ 2014), and The Strategic Knowledge Management Handbook (ASQ 2015) is a strategic quality, knowledge management (KM), and performance management practitioner with nearly three decades of experience in these fields. He has worked with several large companies and helped them achieve substantial and sustained results through quality and customer focus. He is the founder and CEO of The CPi Coach, a company that provides partnership, consulting, and training in business excellence and related areas. Former roles held by Hariharan include president of quality and knowledge management at Reliance Capital Ltd, and senior vice-president of quality and knowledge management at Bharti Airtel Ltd, India. He is a frequent speaker at quality and KM events around the world. He is also the author of more than 50 published papers on quality and KM.


Poor quality is inherent to ISO 9001

Here is where the so called quality gurus heads will literally explode.    However. why would I make such a bold statement?   With 35 years experience in manufacturing, I have lived through all of the tricks of the trade related to the Quality movement...  And after studying these systematic pontifications of shining excellence, I have come to the realization they are all mostly rotten eggs, especially ISO management system standards.   Think about this statistic for just a moment.... Over 1/2 of the ISO registrations for Quality Management exist in China, and of those registrations, the majority are window dressing....  Certificates handed out through corrupt instutions and officials. 

But lets get to the heart of the mater shall we.... 

ISO 9001 or Quality Management System Standard, was invented for supplier management only.   Its intent, was to replace manufacturing driven supplier management programs.  The reasoning was related to the conflict imposed upon suppliers attempting to adhere to the supplier requirements of the manufacturers they served (usually several),  Taking a wheel manufacturer as an example, they might serve several OE manufacturers, each with its own set of supplier requirements. ISO 9001 was designed with the intent of leveling out those manufacturers supplier requirements... ..... However today its strayed completely off course from that original intent. 

TC 176 made a few gross errors. 

  • It assumed its scope exceeded its original intent in the manufacturing area of supplier management and the leveling of supplier requirements
  • It attempted to force its way into government as the global standards bearer, who presumed to know more than the experts in manufacturing 
  • It became political, adopting the ideology of the UNs Global Socialists and Communists (Specifically Agenda 21 and Climate Change or Biospheric Rift) 
  • Through politics, it lost its connection with the major manufacturing experts of the world, assuming its self to be the expert through its alliance with the elite global socialists and communists who are construct of thermotical understanding only. 
  • ISO presented in its latest menagerie the idea that government regulators and street anarchists are somehow equal with customers. Tossing them all into one basket called “Interested Parties”….. The very definition of Interested Party within ISO 9000. Legally includes everyone on the planet.   This was written into the ISO Annex SL, by lawyers who wanted a policy which they could successfully use to sue corporations.  It has absolutely nothing to do with meeting the expectations of customers.  A hand grenade is a killing device.  If an manufacturer makes such a device for its customers, should they be legally liable for anyone who is subject to its use? However the legal terminology of “Interested Party” allows that liability to exist for any organization registered to the 2015 version of ISO 9001.
  • ISO auditing is not based on the financial audit standard. Most registered organizations could not pass an audit should financial auditors be employed.  The methodologies of 19011, are far to inept to meet the successful requirements of financial auditing... and yes I audit both 
  • There must be a pressure point, else the entire system of ISO 9001 collapses.  Something of authority over an organizations efforts to meet customer and specifically relative interested party requirements must be in place, else upper management will always choose to ignore ISO requirements which stand in the way to its assumed success. 
  • Finally the construct, the ideal that documents are a methodology of control is simply and wholly absurd. 

So how do I blame ISO management for causing poor quality?   That one is very easy....   Any organization who has as its focal point, maintaining registration to some ISO management system standard, and commits its resources to such nonsense, has already taken its focus off of its Customer(s).  An organization which spends one second of its precious time not completely and specifically focused upon its Customer(s), is an organization doomed to fail.  Secondly, the Annex SL based versions of ISO MSS’s focuses the organization on the minutia of interested parties.   Its correct to state that TC 176 added the term relevance to its interested party requirements, however that is a term which can be stretched to indicate anyone especially when coupled with the defined term “Interested Party” found in ISO 9000.  Therefore, an organization focused upon meeting ISO requirements is an organization which is not focused upon the expectations of its Customers.  Without Customers an organization need not be worried about interested parties as they will not exist. An organization which allows its employees to focus on the touchy feely Marxist anti-corporate street thug, is an organization doomed... People who hate corporations in antithesis, have been ideologically subverted and therfore will hate all corporations. An organization should never waste one second of its time acnowledgeing them or giving creedence to their failed ideology.  An organization should simply state it holds value in its customers and not the twisted ideologies of subverted individuals. 

Its always been a failure for one to assume that documents in an of themselves, represent effective process control. Especially work instructions. Many organizations which I have been involved with, make the mistake of thinking due to the texts of ISO MSSs that work instructions are required for every function within that organization. Worse, registrar auditors support that ideal and indicate such to the client.  I cant state how many times I have observed failure to meet a specific written work instruction step which is no longer valid, or which was never valid in the first place, especially with repetitive tasks under continual improvement.  Work instructions are only valid for operations which are infrequent and the successful steps easily forgotten.   Even if a task is infrequent, where the process is visually inherent, there is simply no need for a work instruction to exist.   A case in point would be escape from an aircraft.  How often do non-flight personnel open aircraft hatchways in an emergency?    However, do they need to read a work instruction on how to accomplish that task?  No! the assembly is inherent and visual. Organizations need to be smart and the existence of work instructions always made with a minimalistic approach.  

This latest approach to ISO MSS for quality, the 2015 version, is without doubt the most absurd version ever constructed by TC 176.   It was an attempt to get at the problem with any implementation of ISO MSS which is not bound on a pressure point.  It attempts to state that Interested parties are the dictate and everyone within the organization are subject to those interested parties.  It’s a completely absurd idea, which is impossible to manage, especially when considering the definition of Interested parties found in ISO 9000.  This is where the lawyers and Marxist based anti-corporation thugs, mucked up Annex SL by putting their thumb on the scale.  There is an old saying (adage) which goes thus…. You can please some of the people some of the time but not all of the people all of the time.. The abject meaning of Context and Interested Parties within ISOs latest Quality MSS, assumes the former not the later to be true in that adage.

Therefore, is ISO 9001 responsible for poor quality… Most certainly as identified in the points given above… Of course, I expect the quality gurus to circle their wagons and defend their abomination known as ISO 9001:2015 to the end…  after all it makes them all very wealthy….. However, for you CEOs and CFOs … you hold the reigns … if you don’t need ISO 9001 because its not a Customer requirement… then boot it out the door …. Tomorrow would not be soon enough… Instead focus your organization of Deming’s (Actually Toyotas) PDCA, Lean, 5S (the real thing no cleaning only version) and Monozukuri.  Further focus on having a solid ERP and PLM solution which interacts together and provides workflow capability.   Build the business around meeting the expectations of your Customers and only specifically relevant interested parties.   I could express brashness for those who adhere to the construct of ISO MSS, but I won’t.  All I will state is that Without the headache and abject failure of ISO MSSs … life will improve… immediately.

A well sesoned Auditors Perspective

A Stamp of Quality Certification Should Mean Something

When I buy a product that is stamped certified to meet certain standards that is indication to me that the product meets criteria to be usablle for the intended purpose. If it does not do what I bought it for and was certified for, then I wasted my money and it was a lie.

So what does ISO Certified supposed to indicate? It is supposed to indicate that this is a solid process that went through a rigorous certification process and can meet its goal of service. If it goes through through the process, gets certified and passed audits but still cannot meet the needs of the customer, shame on all invloved (ISO and the company)

What is Quality?

Quality is a abjet term... it means to one person something very different than the next person. 

However, to me it simply means meeting the expectation of customers through products or services provided in exchange for liquidity.   Look at any website where services are ofered.   Most wil offer several levels of service, the very basic, the next level and a premioum leve.   Should Customers purchasing the basic level expect the same as those who purchased the premium level..   And should they expect the same attention as those who paid for the premium level of service...   Is it quality to assure those purchasing the basic level of service are provided exactly what they paid for and nothing further?  

Quality needs to be defined as the meeting the agreed transactional expectations of both parties involved in a transaction. 

Quality should never be defined simply as the achievement of perfection 


Dear Sir,

One thing we have to remmember that ISO is only a tool for Quality, if company has a poor quality it doen't mean it is ISO system fault, most of the time and I seen poor quality comes from bag management  from the top, these days management they do not want to learn nes systems " You can not teach old dog new tricks" this is the management respond, what a WRONG idad. Sorry,


The answer is yes!

ISO only audits whether you are doing what you documented (And recevied ISO Certification for) that you were going to do, not whehter it is a good and effecient process. The questions that need to be answered are:

1. Can your company pass an ISO process certiifcation or audit and still have an inefficent process? Yes

2. Can your company fail an ISO audit but have effecient work processes? Yes and No

3. Can your company be effecient and not ISO certified? Yes

So here are the bigger questions....

Should a company be ISO Certified with processes that are not effective? NO  Are they? Yes

Does ISO have the ability and accountability to make that happen? Not sure but should

Thank you

Thank you for the valuable comments. You may also wish to post the same comments in the ongoing Linkedin discussion which is the basis of this article. The link to the Linkedin discussion is given in the article. This way, your comments would reach an additional audience, and benefit more people.