President at Glacier Consulting & Training, helping companies streamline their business processes, get ISO certified & grow their business!
More and more of the business world is moving to virtual, and with that comes new challenges we must face to ensure that the same quality standards are met, that employees have virtual systems to follow and that our information remains secure. To date, the International Organization for Standardization (ISO) has developed more than 22,000 international standards covering multiple industries and topics.
As the business world changes, so does the standards industry, and paying attention to such changes can help your company succeed. For instance, as an increasing number of companies embrace virtual operations, we’re seeing a rise in companies adhering to ISO 27001, an information security standard. It’s an unusual uptick but really not that surprising when you consider the big picture.
Information security is key, now more than ever, and it’s vital to ensure that everything from shared files to individual employee-used laptops is protected from hackers. Taking the time to become ISO 27001-compliant ensures that your data is secure and that access to it is limited. Many companies are finding that their clients and suppliers now demand such compliance before they even do business.
But meeting ISO standards is only the first step; once you’ve done so, it’s important to ensure continued compliance.
A Compliance System Only Works If You Use It
This may sound obvious, but some companies go through all the necessary steps to become ISO compliant and then don’t bother following the procedures and making the continual improvements that standard certification requires. I’ve had clients say, “Hey, make a system for me,” and then stick the plan in a drawer and only look at it when it’s time for their annual audit. Talk about counterproductive.
Many times, companies and their processes have been built over time, so there is no concrete, formalized method for how things are (and should be) done. New employees are trained by their co-workers or supervisors in the way they’ve always done it — which is not necessarily the most effective. This is where gaps come in and can cause inefficiencies and nonconforming products — the enemy of any manufacturer.
An ISO management system should be a living, breathing part of the business. Once you have it in place and embrace its use, it can be easy to make it a part of your company’s daily culture. But before that can happen, it must be a meaningful system that is tailored to your operation, not some boilerplate document that you try to shoehorn in.
Get started on becoming ISO compliant by walking through each process and carefully observing and documenting what you see. What are your strengths? Where are there gaps? Maybe you’ve always done it like that, but is it really the best way? Creating this process map will help formalize a systematic approach for a reliably repeatable outcome. You must know where you are to get to where you want to be.
Each ISO standard undergoes a review process every five years that typically results in a new standard being issued in the following three to five years. These are often fairly significant changes that have been made to be relevant to today’s world and meet the latest best practices.
Be proactive with your ISO system by reviewing it regularly to ensure that you’re continually improving. This may be the job of your quality or environmental manager, or if you’re a smaller company, it may fall to the president, plant manager or human resources administrator.
Upfront Effort Will Benefit You Later
I’m often surprised by new clients who feel overwhelmed and say things like, “Wow, that’s a lot of paperwork,” when we begin the ISO process. Yes, it’s a lot of work upfront, but it’s a one-time process that will only improve your operation. Forward-thinking companies quickly come to see that while there is a lot of documentation required upfront, once it’s set, it’s set.
From what I’ve seen, about half of companies hire a consultant to guide them through ISO compliance. If you choose to go it alone, be sure to do your research before committing to a process. It is a commitment, but when done right, the benefits of ISO compliance far outweigh the challenges.
When everything is flowing through the same process and procedures, it’s relatively easy for everyone to follow them. The more controlled the process, the less room there is for error, and the easier it is to identify deficiencies that affect quality.
Once you are certified in one ISO standard, it’s relatively easy to adapt to others because they all follow the same structure and have the same core requirements including objectives, resources, procedures, risk evaluation, corrective actions, internal auditing and management review.
Regardless of Covid-19, more and more companies are requiring that their suppliers are ISO compliant. It’s becoming more common for companies to go beyond ISO 9001, the main standard for quality management in manufacturing, and become certified in additional industry-specific standards such as ISO 13485 for medical devices and ISO 45001 for occupational health and safety. Many corporations are becoming more conscious of climate change and environmental sustainability and are asking their vendors to be compliant with ISO 14001 for environmental management systems. Pay attention to what your clients are asking for. If you don’t, you may be losing out on business and restricting your growth. And with the pandemic-related downturn to the economy, that’s the last thing you want.
When you do become compliant with a new standard, don’t be shy about spreading the word to your clients and sharing it on your website and social media accounts. It is indeed a big accomplishment to be proud of — and one you’ll never regret.