By Krishnan Puthucode, CEO, Software Quality Centre
We hear many companies routinely in several industries that always claim to have all the necessary regulatory and Quality compliance where it is needed, in order to be able to bid on contracts. Many Governments and commercial companies engaged in buying services., or products especially in software or systems., set basic expectations of their suppliers to meet some bare minimum set of standards such as ISO 9001., or ISO 14000, or Capability Maturity Model Integration (CMMI) maturity level rating or equivalent, to be able to bid and run contracts.
We also hear and see many companies that are focused on this alone – i.e. to get the bare minimum required, at the last minute to be able to qualify to bid on contracts and win orders. This phenomenon is not new. It has existed since many decades. Let us look at the history of how some of the world’s best standards and models on Quality and compliance were developed.
ISO 9000 was first published in 1987 by ISO (International Organization for Standardization).[It was based on the BS 5750 series of standards from BSI that were proposed to ISO in 1979. However, its history can be traced back some twenty years before that, to the publication of government procurement standards, such as the United States Department of Defense MIL-Q-9858 standard in 1959, and the UK’s Def Stan 05-21 and 05-24.
The global adoption of such standard and models may be attributable to a number of factors. In the early days, such requirements were intended to be used by procuring organizations, as the basis of contractual arrangements with their suppliers. This helped reduce the need for “supplier development” by establishing basic requirements for a supplier to assure product quality.
A few years later, the UK Government took steps to improve national competitiveness following publication of cmd 8621, and Third-Party Certification of Quality Management Systems was born, under the auspices of the National Accreditation Council of Certification Bodies (NACCB) which has become the United Kingdom Accreditation Service (UKAS).
In the United States., the Department of Defense led the development of many such models, primarily to improve competitiveness of their suppliers and set a basic set of measures that they could look at for evaluating suppliers – to establish a common set of “rules” if you will., to level the ground to evaluate contractors. The Capability Maturity Model (CMM) was first developed in late 80’s and since then has evolved into what is now the new CMMI V2.0 release.
Eventually, companies using these standards also started getting real benefits both in terms of tangible new contracts, but more in terms of improving their repeatability in processes and being able to apply the same minimum set of processes to all work they do. This was one of the intents of the models and standards to help improve the performance of work., so customers can rely on the processes, rather than individual smart people alone.
Over the past few decades, there have been a multitude of improvements and efforts across the world., to leverage off these basic models such as ISO series., Capability Maturity Models (CMMs) and the like., to develop similar frameworks for other areas such as Business Development, Software Testing, and more recently Cyber Security., Smart grids, Data management and many others. There have been several conferences around the overall theme of “Quality” or process or Capability., around the world to learn, spread the knowledge, and help network professionals in the industry and academia working on this area.
An often less emphasized part of all this, is the use of such models for its real intent – which is to help businesses cut down on being bureaucratic. Different industries have different complexities of their customers, the work they do, the products and services they deliver. This can lead to developing overly complicated processes., which produce more burdensome processes.
We see this more often today, in the 21st century., with the rapidly evolving global economy (&changing), with hundreds of new start ups competing and thriving, which hence all approach this from a bare minimum compliance mind set to “get into the market” faster rather than focus on turning this in to a strategic advantage.
Here are the main success factors that can help your business, large or small, start up or established, or as a professional or engineer working in such businesses to help realize the true benefits of Quality improvement and sustain it, to benefit the business:
1. Focus on the “efficiency” of day to day workflow., when establishing processes – ask the simple question – “how will this process (or sub process) make my work better, faster?” rather than asking “ will this meet the requirement to be compliant with the standard”. The former will focus on developing processes that work for your users. Don’t build processes that will be volumes of books of documents or buy expensive tools., but think about using the workflows and graph the process flow, to keep it simple and smart. Process flow charts are a great way.
2. Engage your team (engineers) that will own and use these processes to define and establish your processes rather than an independent set of people in a separate department (such as Quality dept.) or engaging an external consulting firm, or one that sells “pre-packaged” set of processes supposedly compliant to models/standards. Engineers that realize that these processes will need to be used and owned by them, are more likely to make things more efficient rather than just for the sake of compliance.
3. Define tangible business and project success measures and metrics to define what will need to be met in terms of goals, what needs to be improved., how, and why it needs to be improved. This will help connect processes that are critical to helping achieve these goals accordingly. On the contrary, if the focus is only on building processes for compliance, it will likely satisfy the auditors but not your customers.
4. Focus on the long term, not the short term. This means, think about long term sustainment of process fidelity not just short-term compliance to meet the current audit on the horizon to obtain the certification or the rating. If it doesn’t sustain beyond the audit, it will likely fail and has wasted all of your effort and money.
5. Get up to date on the latest technology and best practices out there in the industry. Learn and invest in sending some of your Quality professionals and engineers to attend conferences and training., to learn the latest methods and processes and standards, so you are not using an obsolete one. Standards and models have evolved quite a bit., it is critical to know the latest and greatest in models and standards world to leverage off.
6. Lastly, be sure to boast about real tangible benefits you have accomplished for your business by use of quality models, methods and tools. This will connect the business teams to your engineers and they all will come closer to developing a shared vision of the Quality program.
If you have an interesting article / experience / case study to share, please get in touch with us at editors@expresscomputeronline.com
thanks
Hi,
Thanks for sharing this post
Good article, important to say that ISO has work hard in corporate governance too, such as ISO 37001 Anti-bribery Management Systems, also we are working in the review of Compliance Management Systems, among others.