ISO (the International Organisation for Standardisation) was founded in the 1940s with the intent to break down global trading barriers at a time when the world economy was faltering. Since then the body has published nearly 25,000 International Standards covering almost all aspects of technology and business. Today, companies that apply these standards in their business are able to give their customers and regulators assurance that their products and services are safe, reliable and of consistent quality. ISO sets the standards, but it is not the certifying body. Instead, this is the responsibility of specialist agencies across the world, who inspect, audit and certify companies against the standard. At a cost.
For agile and entrepreneurial SMEs this presents a dilemma. They don’t want to get bogged down in expensive, long-winded and bureaucratic exercises. However, the modern supply chain represents unprecedented opportunities for them to work with (and compete against) big players in many sectors. Often, gaining ISO certifications is the best way to demonstrate a commitment to specific standards and the ability to deliver quality products; a doorway into lucrative new sectors and supplier relationships.
But it’s not just the ability to demonstrate this commitment that can give a competitive edge to ISO certified companies, but instead the change in ‘organisational thinking’ that it entails.
The ISO standards consist of requirements, specifications and guidelines that help businesses:
Even so, many smaller and leaner companies still ask themselves whether gaining ISO certification is worth it - or even possible to attain without significant commercial disruption.
While ISO standards might once have been designed with big businesses in mind, the latest standards such as ISO 9001:2015 encourage a scalable approach to meeting standards through a process of risk-based thinking and continuous improvement. Much of their emphasis is on improving the quality of products and services through greater efficiencies and clarity of process. This is achieved with a constant customer focus designed to decrease the risk of product failure and potential harm to individuals.
In this way, the standards themselves are increasingly not just a badge of compliance or consistency that other businesses and customers can rely on, but an opportunity for companies to develop systems that are more resilient, efficient and productive.
ISO 9001:2015 is a formalised system that documents processes, procedures and responsibilities for achieving quality policies and objectives. The benefits of compliance with the ISO 9001 standard have been covered elsewhere in this blog but include the following:
And these can quickly translate into tangible ‘bottom line’ benefits. For example, the BSI say that half of the businesses who gained certification through them, reported measurable improvements in the delivery and sales of their products and services.
Document control requirements in ISO 9001:2015: What you need to know
The ISO 27001:2013 standard contains guidelines specific to data privacy and security. It encompasses the implementation, management and continuous improvement of an organisation’s information security management system (ISMS).
Compliance with ISO 27001 indicates an organisation has implemented processes and procedures that protect customers at every point of contact. This holistic approach to information security protects against dangerous and expensive breaches - and should be a company wide initiative.
In the modern tech sector highly sensitive personal data is routinely collected by even the smallest companies via a range of digital channels, platforms and hardware. Knowing that the highest standards are always being applied to its secure handling can give unrivaled confidence to customers, partners and potential investors. It can represent a real competitive advantage for a company with ambitious plans to expand the way they collect, use and store data over time.
ISO 14001:2015 is intended for organisations to set up, improve or maintain an environmental management system to conform with established environmental policies. It helps companies develop policies to:
ISO standards like the ones above are designed to help companies develop a road map to achieve and maintain their business objectives.
And its the processes that drive the adoption of these standards and their expected outcomes that are key here. They often hinge around Plan Do Check Act (PDCA) cycles, that aim to create measurable and continuous improvements in specific aspects of a company’s operations.
They are frameworks for gaining competitive advantage that many businesses can benefit from, regardless of whether they are actively seeking ISO certification.
The PDCA cycle is an iterative approach for achieving a particular objective. The model involves specific tasks that need to be planned, tested and then analysed for effectiveness. This is how new processes and procedures can be conceived, implemented and become part of the way your organisation works:
With opportunities for proper planning and review, a PDCA cycle enables businesses to continually benchmark their achievements against their competitors, as well as their internal goals.
The ability to document and then implement these kind of improvement cycles will make all the difference when it comes to discovering ways of working that deliver better results.
Setting up a flexible, process-driven, Quality Management System underpinned by robust document control tools is one way you can begin to plan, implement and measure the impact of new initiatives in the way described above. Adopting this kind of software early on could help you achieve many of the behavioural changes in your organisation that will drive efficiencies and continual improvement. This maybe a requirement of many of the ISO standards, but it's also a sensible and scalable approach to gaining and maintaining a competitive edge.
There are many advantages to gaining an ISO certification. These include:
But there’s no doubt it’s an enormous commitment that requires buy-in and participation from every person working at all levels in an organisation, especially executive management.
ISO certifications might be useful credentials for winning business, but it’s the mindset, processes and procedures that the standards require which will lend the real competitive edge to your operations. And if you’ve adopted that mindset early on, aided by the right digital tools, it’ll be a natural progression to achieve the certification that will prove it to the world.