In this blog, CertiKit’s technical author Ted Spiller who is an experienced ISO auditor, talks us through some of the main reasons why ISO management systems fail.
Certifying your organization to an ISO management system can be an involved task, no matter whether you take the route of outsourced consultancy, a toolkit, or the do-it-yourself method. The process involves creating new procedures and policies, management reviews, internal audits and of course the certification itself. The time and money spent to implement the management system can sometimes be wasted as once certified it doesn’t get used as a working system.
A management system is only as good as the people using it. If senior management do not use staff to their full advantage, or don’t know what to expect from them, the system is doomed to fail. If staff are not aware of their responsibilities and inputs to the management system again it is on the road to failure.
Any system must be driven, policed and more importantly embedded! Miss any of these three aspects and the system will just stop. Commitment across the whole business, from top to bottom, is crucial for success.
We’d advise that all staff be involved during implementation so they can understand what it is all about, use their knowledge to craft their procedures and feel part of the process. During embedment the system must be tested, developed, tweaked, and accepted by staff as a core part of their roles.
Implementation and more importantly embedment are the foundations that should mould the system to the business. Many businesses think that getting all the documentation in place within a week, a month or six weeks is enough to gain certification for some management systems. And, if the certification body decide to overlook the required amount of evidence to prove the system is being used fully, then a certificate will be issued. However, the system will likely fail the next audit as it hasn’t been embedded properly, it isn’t second nature – it is a chore that can be forgotten about.
Regular health checks of the management system are crucial. Internal audits not only check that employees are following Standard Operating Procedures (SOPs), but also highlight areas for improvement. The whole system should be looked at on a regular basis too. We’d recommend management review meetings every 6 to 12 months and these should look at the bigger aspect, involving each department to identify any issues or opportunities for improvement.
So, for those thinking of certifying to an ISO management system, or those businesses that already have one in place but the system is not working, here are the top reasons why they fail to look out for:
A management system that is fully implemented and embedded into a business will give the business all the benefits and confidence it is designed to do. If you’re looking to improve your management system or implement a new one, CertiKit can help! Our toolkits are aligned to meet the requirements of the ISO standards and provide comprehensive documentation and support to allow your team to become fully involved in the implementation and embedment processes.