Do organizations need to have their management systems certified to ISO standards?

The answer would most probably be a resounding ‘yes’ from conformity assessment bodies¹ and consultants who rely on clients planning on getting their management system certified. Having worked for a certification body in the recent past and being a strategy and management system consultant myself, I am also tempted to give an outright ‘yes’ for an answer. However, I believe it would not be professional nor ethical to push clients into getting certified when their existing management system or business circumstances say otherwise.

 

Let’s face it. Not all organizations are equipped with the necessary competence and resources to pass a certification audit, yet many are forced to do so for a variety of reasons, some of which I shall describe presently.

 

1.       It’s a requirement

The first reason is that companies are being required to get certified either by a regulatory body, the industry, or the company’s parent organization. Mining companies, for example, are required by Philippine environmental laws to be certified to ISO 14001 so they are left with no choice but to apply for certification. Many went through a really difficult time during the term of the late Gina Lopez at the Department of Environment and Natural Resources (DENR) when she implemented strict measures and requirements for mining companies to continue to operate. In recent years, I have also seen government agencies getting certified to ISO 9001 as part of a directive from their parent bodies and offices.

 

2.       The customer says so

At other times, organizations are forced to apply for certification when their customers specify third-party assessments as part of their vendor accreditation or supplier development program. Suppliers to the automotive industry know this very well since major European and American automotive manufacturers have published their own standard, IATF 16949², that they are imposing as a minimum requirement for automotive suppliers. Calibration and testing laboratories, to gain credibility to their customers, are also pursuing accreditation to ISO/IEC 17025.

 

3.       The market compels them to

In a global market, companies need to up their game or lose to their competitors. Certification becomes one of the means that companies can improve their credibility to potential customers. An independent third-party assessor that would certify a company’s conformity to an international standard becomes a badge of excellence that the company can flaunt in their bidding documents. At the same time, it also becomes a barrier for other potential competitors, effectively lowering the number of competitors that the organization needs to beat in the bidding process.

 

 

Based on my own experience, organizations tend to mention the above reasons as their main impetus for pursuing certification. I think these are all valid reasons, but there are also implications for attempting to get certified before the organization and its management system have been properly established and implemented.

 

1.       The certificate as wall decoration

Organizations who just see their certificate as a marketing tool may end up with just that – a very expensive piece of paper hanging on the wall of their lobbies to impress guests and customers alike. I always tell my clients that while certification could open the organization to different markets and could be very effective in making bidding documents more attractive, that should not be the main goal for pursuing certification.

I have heard of certain organizations who are able to acquire visually stunning certificates that turned out to be from ‘assessors’ that were not given accreditation by a member of the International Accreditation Forum³. As mentioned, these would really be just beautiful decorations that add to the overall aesthetics of the lobby, but does not improve the management system’s performance. In the long run, such practices would tend to be detrimental when customers discover that the organization is not what the certificate purports it to be. Bad for the organization, bad for the assessor.

 

2.       Not worth the investment

Subjecting the organization through a certification audit could be a stressful and expensive endeavor. Not only does the organization need to pay the CB, it will also need to allocate resources to ensure a successful assessment. In many cases, a consultant will need to be hired to increase the chances of getting certified. Hiring a consultant is no guarantee either and organizations have to make sure that the consultant they hire has the necessary competence as well as a good grasp of the organization’s business context.

For organizations pursuing certification merely for the sake of marketing, it is also worth mentioning that as with many marketing strategies, there is always the risk of not meeting the expected return on investment. While certificates can open doors to new customers, continued patronage will still be largely dictated by the organization’s performance as well as economic forces.

Unless the organization is required by law or by customers to get certified, the organization may want to reexamine their purpose for pursuing certification. In some cases, it may be more practical to focus resources on properly implementing the management system first and provide a longer timeline to prepare the organization for third-party assessment. In my experience, clients who spent longer time in establishing and improving their management system undergo a smoother certification audit. They also gain the most benefits in shaping a more effective management system that would help them realize their intended outcomes.

 

3.       Certification does not guarantee effectiveness

It’s a sad truth, but certification does not guarantee good performance. The ISO standards were developed through the consensus of hundreds of experts around the world which ensures that they distilled the most important global practices into the requirements, but it is still the organization that implements the management system according to the standard. ISO standards and certification should be seen as tools and not solutions to the problems of the organization. Fortunately, the ISO standards when implemented properly, does enable organizations to significantly enhance their performance and improve chances in meeting the intended outcomes of their management system. The continuing popularity of ISO standards and the growing number of companies getting certified should also give credence to the benefits of certification. Third party assessment when done by a truly competent certification body also serves to validate that the organization is indeed implementing a management system that is conforming to an international standard.

 

 

To answer the question as to whether the organization’s management system needs to be certified, I have to say that it’s a qualified ‘yes’. The organization could gain a lot of benefits to having their management system certified, but the organization also needs to understand that certification is not a panacea to all its ills. Given the amount of resources to be invested on the endeavor, the organization needs to examine their purpose for applying for certification, whether they have the necessary competence and adequate resources to invest, and finally, whether they are fully committed to establishing, implementing, and continually improving their management systems.

 

For elearning courses on ISO management systems, I highly recommend the following website: https://courses.eddams.com/. They have free mini-courses that are very informative and also a good way to test the waters before registering in any of their paid courses. If you don't have budget for the paid elearning courses, they also occasionally offer coupons and freebies.

Notes

¹Conformity assessment bodies (CAB) are also more commonly known as certification bodies or CBs.

²Technically, IATF 16949 is not an ISO standard, but it used to be ISO/TS 16949 before the International Automotive Task Force decided to publish their own standard in 2016.

³The International Accreditation Forum (IAF) is composed of accreditation bodies (usually national agencies) who accredit certification bodies based on the latter’s competence and impartiality to conduct assessments. The members themselves conduct peer evaluations to ensure each other’s competence. The Philippines is represented in the IAF by the Philippine Accreditation Bureau (PAB) of the Department of Trade and Industry (DTI).