Theodora Rondozai
September 17, 2019
Some years ago, I worked for a certification body as an auditor. While conducting an ISO 9001 certification audit on a client, it became clear that the main auditee was the ISO 9001 implementation consultant who had “installed” the management system. We explained that we needed to speak to the process owners, i.e., the users and owners of the system, but the consultant continued to lurk and cut in to answer questions on behalf of the company employees, who obviously knew very little. Needless to say, this audit did not go well.
When an organization finds itself in the position of needing to implement ISO 9001, they may not have the internal skills to do so without outside help. The obvious answer to the obvious question of “Where do we start?” becomes “Get a consultant.” However, this answer is premature. Instead, a follow-up question should be: “Do we really need a consultant?”
The decision of whether to hire a consultant or to “do-it-yourself” should only be made after careful consideration. The wrong decision can be costly and fail to deliver the desired results. Keep in mind that the motivations for implementation and certification vary.
In particular, if the implementation driver is external (e.g., certification is demanded by a key customer as a condition of being included on an approved suppliers’ list), and there is only rudimentary knowledge of what ISO 9001 actually is, and there is deadline pressure, then the inclination will be to put yourselves in the hands of the consultant who promises to install a “ready-to-use” system in the shortest possible time and with minimal disruption and demands on you. So, think twice before you hire someone.
What’s wrong with this approach, you might ask? If you pay a consultant a lot of money, isn’t their job to do everything for you, including creating all of your documented information and getting you through the audit so that the certificate is on the wall? However, this provides a false sense of security. If your auditors are not too fastidious, you might just get through the initial audit and get certified. But if there is no understanding, buy-in, or ownership from the company employees, this kind of “parachuted system” is of limited viability. And, what about the next audit and the one after that? Will you continue to be helpless unless the consultant is there to hold your hand?
So, what kind of consultant should you seek? The best kind of consultant is the one who builds capacity in their client’s organization by first training people and equipping them with the knowledge to understand the standard sufficiently to build their own value-adding system. The starting point should ideally be the organization’s top management. They must clearly understand their role, particularly in determining the organization’s intended results and establishing the organization’s context (ISO 9001:2015 clause 4) and quality policy (ISO 9001:2015 clause 5.2). A cross-functional team of implementers should then be selected and trained. This team will then go through the implementation steps with the desired level of guidance, review, and monitoring from the consultant.
In selecting a consultant, it is worth considering at least the following questions:
1) Does the consultant have a track record of successful implementations? References should be checked.
2) What is the consultant’s background? Ideally, you want someone with wide experience and/or a background that matches your industry. This will determine how well they understand your business. They will be well-placed to advise how best to apply the generic standard requirements to your processes. A former industrial chemist may not be the best fit for an IT company, nor an engineer for a marketing company.
For more questions, download this free List of questions to ask your ISO 9001 consultant.
There are two other alternatives, which involve no consultant at all. The first includes nominating some employees to attend public courses such as the ISO 9001:2015 Foundations Course, ISO 9001:2015 Lead Implementer Course, and ISO 9001:2015 Internal Auditor Course. Thereafter, these people should be adequately competent to develop, implement, and maintain the system.
The second option involves using toolkits that are available online. These toolkits provide step-by-step guidance on the implementation of ISO 9001. The guidance will, out of necessity, be generic, so if you need help to problem solve or answer specific questions during the project, there is also the option to purchase more personalized guidance in addition to the generic toolkit.
When all is said and done, the best course of action is the one that suits your organization best. In fact, many organizations choose to go for a combination of the solutions described above. Because every organization is different in size, purpose, culture, etc., there cannot possibly be a one-size-fits-all prescription.
To learn more about the implementation without a consultant, download this free white paper: Implementing ISO 9001:2015 with a consultant vs. DIY approach.