Information Technology Infrastructure Library (ITIL) has been growing in popularity because of its universal suitability as a framework for managing information technology (IT) services, including the infrastructure, development, and operations of an IT department.

In its fullest implementation, ITIL is a perfect complement to – and is perfectly complemented by – Six Sigma and Lean to create more agile and higher quality IT operations.  Using Six Sigma techniques like the DMAIC process introduces a more structured engineering approach to ITIL’s framework.  Lean thinking promotes continuous improvement and waste reduction into ITIL’s best practices.

ITIL itself does not provide methods to identify and target waste, document value streams (as is usually done with Lean), or measure customer satisfaction.  Nor is ITIL itself a transformation method used for change management.  But ITIL does provide the vocabulary and framework we think of as the process approach advocated by Deming, which is where all process improvements start.

Implementing an ITIL framework is an excellent starting point for IT organizations looking to evolve toward a more process-oriented state.  Six Sigma and Lean can be added to the ITIL framework to help your IT organization achieve continuous improvement and organizational agility.

Great news!  The U.S. Department of Commerce said orders for durable goods rose in May for the second straight month…

The Federal Reserve said today, at the conclusion of a two-day meeting, that “the pace of economic contraction is ’slowing’ and that financial market conditions have improved”…

In yet another sign of the recovery, a report showed “sales of new houses unexpectedly dropped last month, indicating foreclosures made existing homes more attractive…”

Forgive me for playing devil’s advocate but first, “they” are referring to lagging indicators.  Second, “they” never give any details like “Where’d you get those numbers?”, a question that was curiously missing from most analyses of derivatives and credit default swaps in the last couple of years.

Third — and most important — the danger is that before meaningful long-term shifts in policy have been made, corrective actions have been taken, and really effective controls are implemented, people will get caught up in the euphoria of the moment and forget what got us into such a bloody mess in the housing and financial sectors.  (“Oh, everything’s back to OK, so we can go back to business as usual!”)

“Business as usual”, as we ought to know by now, is a dysfunctional coping mechanism at best.  Common sense — as well as sound business practices, guidelines, and standards like ISO 9001 — dictates that when something bad happens as has happened in the housing and financial markets over the last two years, we take action to prevent that bad thing from recurring.

If we don’t properly or adequately analyze the problem, determine its root cause, identify the best method for eliminating that cause, and take action, next time — and our collective track record isn’t terribly promising — the ones that choose to stay with the status quo must be allowed to fail.

Do you disagree?

We’ll be releasing our updated ISO 9001 QMS Policies, Procedures, and Forms manual this week.  The ISO 9001 standard, “Quality Management Systems – Requirements”, was updated for the first time in eight years and released last November.  The changes to our manual go quite a bit further than merely substituting every occurrence of “2000” with “2008”, of course.

We now offer you a leaner manual in more than one sense.  There are fewer pages and fewer procedures in our soon-to-be-released product than in the previous version, reflecting our “lean” philosophy.

The Quality Manual reflects lean thinking most of all.  Rather than borrow the text of the standard verbatim, we stripped the Quality Manual to the bare essentials.  It’s not going to be for everyone – some will, no doubt, still insist that their Quality Manuals parrot the text of the ISO 9001 standard, so that they’re sure their Quality Management System documentation covers every aspect of ISO 9001.  Putting in a lot of verbiage that’s not required by the standard, however, can make your Quality Manual less user-friendly, less useful, and less likely to be improved.

There are fewer procedures in the new and improved ISO 9001 QMS manual.  Procedures retained are ones that many organizations consider important or critical (e.g., Internal Auditing, Corrective Action).  Those procedures are modeled on the Deming Cycle — they have a Plan, Do, Check, and Act phase.  Some procedures that aren’t typically high priority and/or that didn’t amount to much more than simple work instructions (e.g., Serial Number Designation) have been omitted.

Throughout the updated manual, we refer to ISO 9001 requirements.  The six required procedures are highlighted in the Quality Manual; they’re also the first six of the twenty-three procedures we provide.

We’ve done something new with the “Forms and Records” section at the end of each procedure.  We’re still providing sample forms for you to use, but now they’re categorized as “required” or “other” and we tell you which ISO 9001 clause requires the record.  For example, in the Internal Audits procedure, there’s a form for audit reports; the Forms/Records table tells you the report requirement is in clause 8.2.2.

We think this is a much improved product, one that will smooth the bumps in your organization’s road to ISO 9001 compliance and certification.

As always, we eagerly await your comments.

PR: wait… I: wait… L: wait… LD: wait… I: wait… wait… Rank: wait… Traffic: wait… Price: wait… C: wait…

There is general agreement among Quality Managers and Quality Auditors that process auditing is more beneficial than clause based auditing.

In clause based auditing, an organization or a segment of an organization is audited to verify it complies with a particular clause of the ISO 9001 QMS Requirements.

With process auditing, a particular process or group of processes is audited to ensure that it complies with any part or clause of the standard that applies to it.

For example, corrective action is a clause in the standard, but corrective action should also be a continual improvement process.   If you are doing a clause based audit, you would audit aspects of corrective action that are covered in the corrective action clause (8.5.2).  If you are doing a process audit of corrective action, then you would verify that the corrective action process is in compliance with all applicable sections of the standard, not just clause 8.5.2.  It could include things such as Customer focus (5.2) and Customer satisfaction (8.2.1), Competence, training and awareness (6.2.2), Control of documents (4.2.3) and records (4.2.4), Analysis of data (8.4), and (definitely) Management review (5.6).

But effective process auditing requires a good grasp of the standard, so the auditor or audit team knows which clauses of the standard apply to a particular process.  While new auditors or a newly established QMS may start with clause based auditing, the goal should be to move to process auditing as soon as the auditors and the quality team feel familiar with the standard.

As the above example demonstrates, process auditing provides a much more comprehensive and in-depth measurement of the Quality Management System, and thereby provides better value for your internal auditing efforts.

There are occasionally stories in the quality world about ISO 9001 Registrars handing out ISO 9001 certificates, but who are not properly accredited.  Believe it or not, there are unscrupulous people and businesses that are willing to take advantage of those who have not done their homework.

As many of you know, ISO (the International Organization for Standardization) is not actually involved in granting ISO certifications.  ISO creates standards, they are not in the business of enforcing them.  Other organizations actually handle the process of granting ISO certification.

Worldwide, the International Accreditation Forum (IAF) is the organization that handles all the facets associated with granting ISO 9001 Certification.  The IAF works with national or regional bodies, which in turn accredit registration bodies that go out and audit organizations for compliance to the ISO 9001 standard.

Here in the U.S., the American National Standards Institute and the American Society of Quality cooperate to form the ANSI-ASQ National Accreditation Board, known as ANAB.  They accredit registration organizations, attempting to ensure consistency and compliance in ISO 9001 registration auditing.

Make sure you registrar is ANAB accredited

When you hire an ISO auditor for ISO 9001 certification, be sure to verify that they are accredited by ANAB or whatever the equivalent of ANAB is in your country or region (you can find a list of members at the IAF website, http://www.iaf.nu/).  And your registration certificate should have the ANAB and the IAF logos on it.  Without them, you are not truly ISO 9001 certified.

Make sure your ISO 9001 Certificate will have the IAF and ANAB seals

In my role as a strategic quality consultant I have audited management systems using Sarbanes-Oxley, ISO 9001, and Malcom Baldrige criteria. Of the three, the Malcolm Baldrige criteria training and process provides the best learning experience for strategy implementation.  Now don’t get me wrong, Sarbanes-Oxley and ISO 9001 are both useful in their own right, but they both focus on details that are often times interpreted as requiring a lot of paper-based solutions and bureaucracy (of course they don’t really “require” a bureaucracy but that is how many people interpret the solution) consisting of procedures, records, or documents.

Malcolm Baldrige Quality Award

Malcolm Baldrige, on the other hand, does not imply or require that you have to have any specific procedures, records, or documents.  But it does focus on the applicant’s management system maturity.  Companies must demonstrate their process approaches, systemic deployment, cycles of learning, and how their systems are integrated together to drive the organization through the implementation of an effective strategic vision and mission.

This is my third year as a quality award examiner, and each year I learn more about strategy implementation.  Each year an examiner must apply the Malcolm Baldrige criteria to a case study and a real application.  Each year you get a chance to discuss your comments with other examiners in order to reach a consensus opinion.  And each year you get the opportunity to go on-site to an applicant’s facilities and spend time with senior management, supervisors, and employees.  These interviews allow you  to see firsthand an applicant’s strategy deployment in order to determine their strengths and derive opportunities for improvement that will allow the applicant to move on to the next level of management system maturity.

Winners of quality awards are not perfect.  But they do display some exemplary processes and performance that other organizations can learn from and model.  If you find strategy implementation to be difficult or perhaps you are unclear on how it all goes together, then I would recommend you take the time to become a quality award examiner to see how others are solving their strategy implementation problems.

Do your quality personnel speak the language of business?  Do business people speak the language of quality?  I read an interesting blog post a while back that raised this question.

The confusion highlights a core problem with ISO 9000 implementation—communication.  An effective quality implementation is really about effectively communicating with customers, suppliers, employees, and management to indentify, meet, or exceed requirements.  Quality, sales, marketing, design, manufacturing, accounting, and management must all communicate using the same language.

It starts with collecting the customer’s requirements from the customer (i.e., voice of the customer), communicating customer requirements to design/development, and design/development communicating what they think the customer wants back to the customer for confirmation through verification and validation.  Then design/development communicates specifications to purchasing, manufacturing engineering, and quality/testing to ensure it is made as designed.

Quality must communicate to management via internal audits, management reviews, and quality objectives that the system is capable of consistently reproducing the product or process.  The company communicates its consistency to its stakeholders via its quality policy, ISO certification, and management commitment.

Management communicates its quality commitment by allocating budget for continuous improvement using corrective action and preventive action, training, and infrastructure expenditures.  Waste is produced as a result of poor communication between one or more of the groups or departments within an organization.  Total up the cost of all of your nonconformities, defects, and deviations from plan and you get the cost of poor communications.

When we talk about effective communication, we are talking about a real two-way exchange of information.  Both the sender and receiver must be actively engaged and providing feedback for it to be effective.  Implement an effective quality management communication system and the savings will be huge.

Building upon my last post, I thought it would be a good idea to write a whole series of blog posts on how companies communicate quality internally. After all, isn’t that what ISO 9001 is all about—communication?

Because all of these areas were highlighted during our recent ISO 9001:2008 Certification audit—and, well, because I work here—I’m going to show you another one of Bizmanualz’s methods for communicating quality. (But as I continue in this series, I want to hear your techniques. Email me if you’d like me to interview you and brag about your awesome quality communication methods.)

If you’re in the quality field, you probably know what Kaizen methodology is. But for those like me, who had no clue, a Kaizen is the Japanese philosophy that focuses on continual improvement (thanks, Wikipedia. Also, check out this article from TheEconomist.com via @JeffreyJDavis.).

Bizmanualz Kaizen Forms

For Bizmanualz, a Kaizen is an improvement that we record, track, and follow up on to ensure effectiveness and sustainability. Kaizens can also be classified into corrective actions, preventive actions, or simple corrections.

In an effort to get the whole staff involved, we created a spreadsheet that tracks how many each employee has done for the month (the goal is two each) and the running total for the month. We also post our Kaizen forms in our office kitchen to communicate all of these improvements to the employees.

Every time we put up a new Kaizen, we also take one down and follow up to make sure the change actually resulted in a sustained improvement. Our Managing Director, Chris Anderson, even implemented an incentive system: At the end of each month, he rolls the die and one lucky Kaizen submitter receives $50! The more Kaizens implemented, the better the chance of winning.

Could your company implement something similar? How about department-wide? Let me know other ways your company is working on improving the communication process.

Sometimes when I say that phrase, “keeping with the spirit of the ISO 9001 standard,” I get long looks and contradictory comments.  After all, as we all know, with ISO 9001 auditing it’s all about specific criteria and objective evidence.  That does not align very well with the concept of the spirit of the standard, only the letter of the standard.

But consider this.  I have a friend who is an environmental engineer.  He complains that the most difficult aspect of his job is complying with long, tedious, arcane, and sometimes contradictory EPA regulations.  I sympathize with his difficulty; however, his mistake is to blame the extensive regulations on the EPA.  I argue that environmental regulations are so long and complex because every time a business and corporation exploits a loophole or missing detail, the regulation has to be revised to close the gap.  Do this for 50 years and obviously you end up with long, complex, and even contradictory regulations.

So, in my view, he shouldn’t blame the EPA for overly complex regulations; he should blame businesses, corporations, and environmental engineers who, instead of following the spirit of environmental regulations, sought to avoid compliance by exploiting loopholes, unspecific language, and missing details that have lead to this bureaucratic nightmare.

When it comes to the ISO 9001 requirements, the standard is brief and generic.  It is not full of details on what you have to do to comply.  This makes the standard very flexible so any type or size of organization can use it.  I feel this general nature of the standard makes it appropriate to talk about the “spirit” of the standard—the spirit of using a continually improving process approach to improve effectiveness and customer satisfaction.

In order to keep the standard brief and general, then organizations employing it (and auditors as well) have to keep in mind the spirit of improvement behind the standard and adhere to that, not only the literal letter of the standard.  After all, who wants to end up with an ISO Standard as difficult to navigate as EPA regulations?

When I first came to Bizmanualz, I was unfamiliar with quality management, Lean, Six Sigma, ISO 9000, and the like. After all, I was hired for writing, marketing, and website upkeep, not for my quality background. And I imagine many company employees who are not part of the quality department are in a similar situation.

However, if your entire staff doesn’t understand the utility of a quality management system, how can they be expected to implement it or even buy in to the idea of it? That’s where the internal communication comes in. How do you communicate quality to your employees? In my last post, I showed you our scoreboard, where we keep track of successes, areas of improvement, project status, etc. It’s a great way to communicate where we are and where we’re going.

ISO 9001 Internal Auditing Certificate

But there’s another method we use that ensures every single one of us understands (and uses!) our quality management system. First of all, each employee takes an Internal Auditor training class. We’re at a bit of an advantage since we conduct Internal Auditor training courses here in our office, but similar methods can be employed by your company. Find a local training class and send your employees a few at a time as you have the resources available. These classes give employees a good understanding of the process. Ours gives a thorough examination of the ISO 9001:2008 standard.

Once we complete the class, we’re scheduled to conduct Internal Audits, which Bizmanualz conducts every other month. Employees rotate, so each has the opportunity to audit and learn about different areas of quality within the company. It’s so much easier to buy in to a quality system when you can see and examine how it really works in other departments. I didn’t understand the importance of ours when I first got here. After looking at it first-hand, I realized how it streamlines everything, from producing our policy and procedure manuals to following up on customer feedback.

Is your company struggling with employees who grudgingly go along with the QMS but don’t understand it? What ways do you communicate the importance of quality to them? I’d love to hear your ideas, and I’ll follow up with more when I hear them!