Full Issue PDF

Vol. 5, No.
July-August 2005
IMS
ISO Management Systems
When Results Count. ISO Standards.
ISSN 1680-8096
Auditing
ISO 9001
at the
sharp end
ISO 22000 update

QMS and products
ISO 14001 survey in GB
and China
Services in
Singapore
Get me the money !

ISO Management Systems July-August 2005 1
ISO/IEC 17025:2005. The international accreditation

standard for competent laboratories.
Confidence in the competence of laboratories

is frequently needed
Competent laboratories operate to

International Standards.
by businesses when testing new products, or

ensuring that finished products are fit for sale
Competent laboratories operate to

ISO/IEC 17025:2005.
by government regulators and trade ofcials

who require assurance about domestic or
imported products before they can be placed
on the market
by consumers and users of products who
need assurance about the quality and
reliability of testing and analysis relating to
environmental, health or safety hazards.
Available from ISO national member institutes

(listed with contact details on the ISO Web site :
www.iso.org) and from the ISO Central
Secretariat Web store at www.iso.org or
by e-mail at sales@iso.org.
EDITORIAL
by Roger Frost
How quality information helped

save police officers life
aturally, most readers of ISO Management Systems

would pay close attention if they met someone who
had been shot and wounded three times by a gunman
and who said he believed that if not for ISO 9001:2000, the
encounter could have been fatal.
In fact, readers who have been with us since May-June 2004
do know such a person. Matt Morgan was one of the officers
of the Phoenix Police Department (PPD), Arizona, USA,
who posed for the front cover photograph, illustrating the
ISO 9001:2000 implementation case study by the PPDs
Records & Idenification Bureau.
One of the points made in that article,
contributed by the PPDs ISO 9000
Management Representative, Dave Amari,
was that if the information products and
services of a unit like the R&I Bureau are
not up to standard, the consequences for
police officers and the communities they
serve are potentially devastating . Just a
few months later, Officer Morgan found
himself providing a dramatic example.
Fortunately if it is possible to describe

such an incident in this way the example
was a positive one. The system worked,
as Matt Morgan testifies in the Viewpoint
column of this issue (pp. 5 - 8).
Although he was seriously wounded,
the incident could have been not dramatic,
but tragic and Officer Morgan could have
been a fatality among the statistics of law
enforcement officers who pay a price for
going in harms way to protect fellow
citizens.
Therefore, Matt Morgan contacted his radio dispatcher to

ensure that back-up was on the way before proceeding with
maximum vigilance to stop the suspect vehicle. He recalls,
The information I received on my patrol car computer
basically alerted me to be ready for anything and anything
is what happened !
As the two cars came to a halt, the suspect suddenly exited and
immediately opened fire. In the exchange of gunfire, Officer
Morgan was hit three times, but managed to disable his attacker. The wounded police officer, with the assistance of a courageous citizen, kept the suspect covered until fellow officers
arrived in response to his call for back-up.
Matt Morgan declares, If I had not received the correct information, I might have treated the situation differently and it
could have easily resulted in my death.
My situation was by no means extraordinary as officers across the United States
face situations such as mine on a regular
basis. We depend on accurate information
about subjects that we contact on the
streets, or due to a call for service.
The ISO 9001:2000 quality management
system implemented by the PPDs
Records & Information Bureau helped to
ensure that timely and accurate information was supplied to Officer Morgan and
that information was one of the factors
that he affirms helped save his life.
The ISO 9001:2000 QMS

helped to ensure that
timely and accurate
information was supplied to
Officer Morgan
This is what happened. Officer Morgan was

on patrol when he decided to check a vehicle
and its driver. Before doing so, he followed
procedures by checking the vehicles licence plate via the
Mobile Data Terminal in his patrol car. The information
came back that the licence plate was ficticious, which could
indicate a number of scenarios, from a citizen trying to evade
paying vehicle tax, to use of the car by a criminal.
Let us not overstate the case. Matt Morgan

also owes his life to the protection afforded
by his ballistic vest, to the emphasis during
his basic training on safety, to his respecting procedures for affronting a potentially
dangerous situation while the intervention
of a citizen by the name of Cipriano C.J.
Garcia reminds us that the man or woman
we pass in the street without a second glance
could prove to be a hero only seconds later.
At the same time, let us not understate the

case. As Officer Morgans story illustrates
quality counts. Quality can even be a matter of life or death.
And what of Matt Morgan himself ? The latest news that he gave
ISO Management Systems was My recovery is still progressing
and I am probably only 4-6 weeks away from jogging !
What sort of manager are you ?

Type A or Type B ?
AB
Option B
Option A
I take the strategic view. My goal is sustainable business without polluting or depleting the
environment. I save money by cutting waste and
making efficient use of resources. I respect the
environmental concerns of customers, shareholders, employees, regulators, local communities, and
society as a whole.
Im focused on my own short-term goals.

The future can take care of itself. Waste, finite
resources and the environment are someone
elses problem. Good corporate citizenship is just
window dressing.
If you ticked Option A, then running a business

that meets the requirements for sustainable
development is your objective. ISO has a road
map to get you there :
ISO 14001:2004, Environmental management systems

Specification with guidance for use.
ISO 14004:2004, Environmental management systems
General guidelines on principles,systems and supporting techniques.
Newly revised Globally relevant Even clearer

Still more compatible with ISO 9001:2000
For A class managers !
Available from ISOs national member institutes

(listed with contact details on the ISO Web site : www.iso.org)
and ISO Central Secretariat (Web store + sales@iso.org).
CONTENTS
VIEWPOINT
Wounded police officers perspective on ISO 9001:2000

In Spring 2004 in Arizona, USA, Matt Morgan was one of the police officers that
posed for the cover photo of ISO Management Systems to illustrate an article on the
ISO 9001:2000 implementation by the Records and Identification Bureau of Phoenix Police Department. In Autumn 2004, Matt Morgan was shot and wounded in the
line of duty. It is worth paying attention to his viewpoint on ISO 9001:2000.
SPECIAL REPORT
ISO MANAGEMENT
SYSTEMS is published
six times a year
by the Central
Secretariat of ISO (International
Organization for Standardization)
and is available in English,
French and Spanish editions.
Publisher : ISO Central Secretariat,
1, rue de Varemb, Case postale 56,
CH-1211 Geneva 20, Switzerland.
Tel.
+ 41 22 749 01 11.
Fax
+ 41 22 733 34 30.
E-mail central@iso.org
Web
www.iso.org
Editor in Chief : Roger Frost.
Contributing Editor : Garry Lambert.
Artwork : Pascal Krieger,
Pierre Granier.
A one-year subscription
(six issues) to ISO MANAGEMENT
SYSTEMS costs 128 Swiss francs.
Subscription enquiries : Sonia
Rosas-Friot, ISO Central Secretariat.
Tel.
+ 41 22 749 03 36.
Fax
+ 41 22 749 09 47.
E-mail sales@iso.org
Advertising enquiries :
SOGI Communication, 103, rue La
Fayette, 75481 Paris cedex 10, France.
Contact : Martin de Halleux.
Tel.
+ 33 (0)1 42 81 94 00.
E-mail halleux@qualite-references.com
and
ISO Central Secretariat,
Case postale 56, CH-1211 Geneva 20,
Switzerland.
Contact : Ms. Gisela Helberling.
Tel.
+ 41 22 749 02 58.
E-mail helberling@iso.org
Management take control of your audit process !

What is the fundamental purpose of auditing ? According to author of this article, it is to
provide managers with information to assist them to make business decisions . He argues
that senior management need to be firmly in the driving seat of the internal audit process.
Auditing
Good practice for establishing the competence

of certification body auditors
Effective accreditation is essential for audit competence
US adds guidance to ISO 19011 for internal and client audits,
plus SMEs
ISO 9001:2000 auditing kit extended to best accreditation audit
practices
ISO INSIDER
28
ISO 22000 standard for safe food supply chains Get me the money ! How quality
management systems can yield financial and economic benefits Guidance on the role
of QMS in product certification New edition of influential ISO/IEC standard on
competence of laboratories
INTERNATIONAL
35
Survey compares ISO 14001 experience in United Kingdom and China

Nothing beats the test of experience. A recent survey compares
the experience of ISO 14001 users and non-users in the United Kingdom and in China. Its author concludes that ISO 14001
can help an organization make real progress towards sustainable development.
Overcoming language and literacy barriers to ISO 9001:2000 implementation

ISO 9001:2000 quality management systems are documented. What happens when the
organizations work force is semi-literate ?
Santander Serfin takes ISO 14001 lead in Mexican banking sector

Mexican bank Santander Serfin has taken the lead in its sector, responding to top-of-theagenda governmental and public concerns about the environment by becoming the first
banking institution in the country to implement ISO 14001.
ISO, July-August 2005.

The views expressed in ISO
MANAGEMENT SYSTEMS are those
of the authors. The advertising
of products, services, events or
training courses in this publication
does not imply their approval by ISO.
Cover photo: ISO
STANDARDS FOR SERVICES
44
SPRINGs harvest of standards for Singapores service economy

With the service sector contributing 62 % of Singapores gross domestic product (GDP) and
77 % of employment, the Singapore Government places great emphasis on the development
of standards for services.
NEXT ISSUE
48
in 5
n
o
ti 200
a
c
i
l ber
b
u
P tem
Se p
Failures
in food
safety can
be dangerous
and cost you plenty !
Make sure there are no weak links in

the food supply chain...
Get the security of ISO 22000,
Food safety management systems !
For a free foretaste, see our press release on ISO Web site :
http://www.iso.org/iso/en/commcentre/pressreleases/2005/Ref959.html
ISO 22000 standard for safe food supply chains
VIEWPOINT
In Spring 2004 in Arizona, USA,

he was one of the police officers
who posed for the photograph
used on the cover of ISO Management Systems to illustrate
an article on the ISO 9001:2000
implementation by the Records
and Identification Bureau of
Phoenix Police Department *.
Seen from the front line

Viewpoints and ISO 9001:2000
implementation case studies
are usually contributed by top
or middle managers. The perspective of front line staff
is rarely given directly. Matt
Morgan is very much in the
front line.
Dean Oestreich
Wounded
police officers
perspective
on
ISO 9001:2000
When I was asked to pose

for the cover of a magazine
I replied, Sure, but it will
be on the clock right ? My
next question of course was,
What publication is it, and
how famous will I be ? I was
told the May-June issue 2004
of ISO Management Systems.
No one had a comment on the
level of fame.
by Matt Morgan
The ISO 9000 philosophy has, and

will continue to
save my life, and the
lives of my fellow officers
across the country
Officer Matt Morgan, of the

Phoenix Police Department,
Arizona, USA, was shot and
wounded three times when he
proceeded to investigate a
suspicious car and driver.
He says that without the timely
and accurate information he
received prior to this intervention,
the consequences could have
been fatal. Matt Morgan affirms
that the improvements in
providing such information
achieved by ISO 9001:2000
can be a life saver for law
enforcement officers.
As a patrol officer with the

Phoenix Police Department in
Phoenix, Arizona in the United
States I had seen and heard a
lot of things, but ISO 9001:2000
was not one of them.
It was explained to me in laymans terms by Dave Amari, of
our Records and Identification
Bureau, and ISO guru that it
is a system that assists organizations in developing best
In Autumn 2004, Matt Morgan

was shot and wounded in the
line of duty. It is worth paying

attention to his viewpoint on
ISO 9001:2000.
* See Phoenix Police Department
counts on ISO 9001:2000 24/7,
ISO Management Systems, MayJune 2004.
Contact : David M. Amari,
ISO 9000 Management Representative, Phoenix Police Department.
E-mail david.amari@phoenix.gov
Web www.phoenix.gov
Officer Morgan with courageous citizen Cipriano C.J Garcia who

provided assistance to the wounded policeman. He approached
Matt Morgans assailant, who was lying wounded after an exchange
of fire, and kicked his weapon towards the officer. He then reloaded Officer Morgans own pistol so that the latter could keep the
suspect covered until police officers arrived in support.
business practices in an effort
to consistently determine and
meet customer needs.
Our police department would
be the first in the United States
to implement a quality man-
agement system. Overall, I

didnt understand what ISO
9001:2000 meant to me as a
patrol officer on the street.
It sounded like a good thing
for our Records and Identification Bureau, but it didnt
VIEWPOINT
Mobile information before

an intervention, officers use
a mobile data terminal for
information vital to the way
they will intervene.
My day depends on the correct entering of information

such as names, date of birth,
address, physical description,
6-7 digit license plates, and
17 digit Vehicle Identification Numbers or VINs. This
includes catching the mistakes
of others and correcting them
quickly.
In addition to those basic ways
to identify a vehicle or person,
there is also the information
about that person or vehicle.
An example of this would be
the mental condition of the
subject, his/her violent tendencies, and whether or not they
are known to carry a gun.
Also, important information
about a vehicle may include
whether it is stolen, recent-
Photo credits
seem like it would affect me
in any way.
Saves lives
I couldnt have been more
wrong. Not only is the ISO 9000
philosophy important to many
of my daily tasks, it probably has, and will continue to
save my life, and the lives of
my fellow officers across the
country.
6 ISO Management Systems July-August 2005
This results from the Records

and Identification Bureau, or
R&I, striving to be accurate,
complete, and timely in everything they do. Without the
accuracy, I would perform
a traffic stop on a vehicle,
check the license plate on the
computer, and approach the
driver not knowing if I have
stopped a little old lady or
a dangerous criminal in a stolen vehicle.
The photos illustrating this Viewpoint were staged by the members of Officer Matt Morgans
squad, Phoenix Police Department (PPD), Arizona, to illustrate the types of situation that
police officers may be faced
with when checking vehicles
and their drivers. They also
show the information interface,
examination of data and report
writing to which ISO 9001:2000
can add value. The photos were
taken by Kevin DeNomie, of
the PPD.
Important information about a vehicle may include

whether it is stolen,
recently used in a violent
crime, or may contain a
dangerous suspect
ly used in a violent crime, or
may contain a dangerous suspect known to drive the vehicle. That information completely changes the way I physically
approach a vehicle. It can range
from wary and polite, to forceful with my gun drawn.
Dangerous situations
I should preface the preceding
paragraph with the fact that the
traffic stop is one of the most
dangerous situations a police
officer can encounter while on
patrol. I know this at first hand
as I was shot three times during
a routine traffic stop.
In reality, there is no routine
traffic stop as one never knows
what may happen on approach
to a vehicle. That is why accurate
information is critical to give
law enforcement every advantage over the bad guys .
In my situation, I checked, or
ran , a license plate on my
Mobile Data Terminal in my
patrol car. When the information came back to me, I discovered that the license plate was
fictitious, or in other words did
not belong on the vehicle that
I was stopping.
This tells me many things, such
as that it could be a person
VIEWPOINT
Model for law
enforcement agencies
trying to avoid paying registration fees by using a plate

from another car they own,
or it could be a stolen license
plate, or it could possibly be
a stolen car as criminals will
switch plates from other vehicles hoping no one will notice
and place them on the one
that they had stolen in hopes
of avoiding the police.
The Phoenix Police Departments

Records and Identification
Bureau believes itself to have
become the first law enforcement agency in the United States to achieve ISO 9001:2000
certification. In preparing for the
certification, the bureau found
440 ways to improve efficiency,
while one section of the Crime
Lab found 134 procedures to
improve upon.
I let my radio dispatcher know

about the situation which
meant that back-up would be
on the way. The information I
received on my patrol car computer basically alerted me to be
ready for anything and anything is what happened !
Since then, the department has

expanded the application of the
ISO 9000:2000 Quality Management Principles to the Investigations Division, Property (Evidence) Management Bureau,
and additional sections of the
Laboratory Services (Crime Lab)
Bureau.
The driver of the vehicle immediately exited his car as we

stopped our vehicles. He was
holding a gun and fired at me.
I returned fire, and was able to
disable the suspect enough to
In addition, the Phoenix Police Department has become a

model which other agencies
across the United States are inspired to emulate.
save myself, and with the help

of a courageous citizen named
C.J. Garcia, we kept the suspect
covered until he was taken
into custody.
A crime lab criminalist examines

firearm data.
(Above right) When a serious traffic
offence occurs, police procedures
require a felony stop .
If I had not received the correct information, I might have

treated the situation differently
and it could have easily resulted in my death.
The traffic stop is

one of the most
dangerous situations a police officer can
encounter
and they could face dangerous criminals from our state

in their hometown.
In the United States, every
person is guaranteed a fair
and speedy trial. What underlies this is that getting to that
fair and speedy trial can take
months, or even years. Most
cases arent solved in a matter of a few days, and the suspects are never as cooperative
as they are on television.
My situation was by no means

extraordinary as officers across
the United States face situations such as mine on a regular basis. We depend on accu-
Investigative management is an
important part of law enforcement. Cases are delayed when
information and physical evidence are not readily availa-
rate information about subjects

that we contact on the streets,
or due to a call for service.
ble, or cannot easily be processed. Further delay occurs

when the crime labs cannot
keep up with the workload
because operating procedures
are creating a backlog of evidence to be analyzed.
We need to know if the particular individual whom we are

contacting has a felony (serious crime) warrant, violent tendencies, or is mentally unstable or disabled. As mentioned
earlier, the information affects
officers across the nation as
certain information is inputted into a national database
Every aspect
ISO 9001:2000 can be applied
to every aspect of criminology,
from securing the crime scene
VIEWPOINT
to the conviction in court, using

process mapping to develop
the most efficient procedures
to solve a crime. Regardless of
which crime-solving procedure
is being developed, the quality
records that document police
activity for future reference
continue to be associated with
paperwork.
Matt Morgan (third from left)

and his fellow officers of the
Phoenix Police Departments
41Z Squad.
On the road to
recovery
If I had not received

the correct information, I might have
treated the situation
differently and it could
have easily resulted in my
death.
I grew up in the state of Missouri writes Matt Morgan, and

received a Masters degree in
Education before moving to
Arizona and joining the Phoenix Police Department and
receiving my commission in
March of 2001.
Paperwork is a necessary evil

for a patrol officer. Most of us
signed up to catch the bad
guys and put them in jail. In
the police academy, we all pictured ourselves chasing a suspect on foot through a busy
street, following a stolen car
in a vehicle pursuit, or tack-
Regarding his injuries, he

said : I recovered at home for
approximately five months, and
I am currently assigned to light
duty (desk work) status within
my detail 41Z squad in the
South Mountain Precinct where
we are assigned to patrol City
Housing and the homeless shelter areas. I should make a full
recovery within one year of
sustaining the injuries.
ling the suspect that had just

fled from the home he was burglarizing and we were trained
to do so.
gations that will take dangerous persons off of the street

before they can continue to
victimize citizens.
I have done all of those things

and more, but none of us pictured the hours of paperwork
and booking procedures that
follow the three or four minutes of an adrenaline rush.
Safety is the first thing a police

academy recruit is taught
both physical and mental
aspects. The ISO 9001:2000
standard and our organization being registered to it play
a vital role in how we assess
situations and develop ways
to approach every situation
with the accurate information
given to us.
This is where standardization of forms, procedures, and

report entry can save time,
money and lives as police officers will be back on the streets
faster after the arrest. It is not
unusual for an officer to be tied
up after an arrest for four hours
or more to book the prisoner
into jail and create the necessary reports.
Accuracy and speed of information entry and dissemination not only affect the safety of the police using it, but
facilitates more rapid investi-
Arresting criminals is the most

visible aspect of police work
in addition, officers can spend
considerable time on the associated paperwork.
ISO 9001:2000 can

be applied to every
aspect of criminology
Law enforcement is a rewarding job with many benefits, and
providing officers with every
advantage they can have over
the bad guys will help us go
home to our families every
day.
SPECIAL REPORT
Management take control of your audit

process !
What is the fundamental purpose of auditing? According to this author, it
is to provide managers with information to assist them to make business
decisions. He argues that internal auditing will only generate significant
benefits to the organization if senior management are firmly in the driving
seat of the audit process.
Auditing is recognized today

as an extremely powerful
technique that may be used
by managers alongside other
techniques to ensure adequacy
of operations and assist in the
achievement of objectives.
by Nigel Bauer
Nigel Bauer has over 25 years
of practical management systems
and audit experience gained
initially in major high technology industries, and over the last
15 years as an independent
advisor and trainer to a diverse
range of manufacturing and
service sector organizations, in
both public and private sectors.
Based in the United Kingdom,
Nigel Bauer and Associates
operates internationally providing
a range of consultancy and
training services to a broad
range of clients, including regulatory agencies, directly and
through partner organizations
located throughout the world.
E-mail nigel@nigelbauer.co.uk
Web www.nigelbauer.co.uk
Auditing is no longer confined

to financial operations, in
relation to which it is an accepted and respected practice for
which the need is well understood and demanded in senior
management circles.
The audit process

should be designed such
that it fully serves the
needs of management
With the explosion of interest
throughout the world in quality improvement, auditing has
received much attention as a
means of ensuring that plans
and systems for the achievement of customer satisfaction
are being followed and are
fully effective.
In addition, the increasing legal
requirements that must be met
by organizations and individuals
SPECIAL REPORT
has resulted in the setting up

of regulatory authorities that
need to establish if such legal
obligations are being met. The
approach adopted to gain this
information is to use audit techniques, basically similar to those
adopted by those with an interest in quality improvement.
There is therefore a need to
ensure that when auditing is
required, for whatever purpose, those delegated the task
are adequately equipped by
way of training in the tools
and techniques necessary to
perform audits in a fully satisfactory manner.
Audits need to be conducted
efficiently and effectively to
gain information in the least
disruptive manner to those
subjected to audit activity. It
is also necessary to ensure that
those who are to undertake
such a task are the right type
of person capable of seeking
out the information in a manner that is fully acceptable to
those under scrutiny, without
causing antagonism or ill feeling, and fostering a culture of
partnership and no blame .
The audit process should be
designed such that it fully
serves the needs of management and not the self-interest
of auditors or quality functions
who are trying to justify their
existence by shrouding the
process in mystique, bureaucracy and strictly enforced adherence to so-called management
system requirements.
I have been involved in the
provision of advisory and training services for many years
in a large number, diversity and sizes of organizations,
including regulatory auditing organizations. Throughout

this time, I have been able to
observe problems and difficulties that are being experienced by organizations in the
putting in place of fully effective auditing activities.
The following are just some
of these observations relating
to internal auditing, together
with some identified factors
for success.
An end in itself
Auditing does appear to be
pursued as an end in itself, with
many organizations employing
auditors who assume that they
know what to do and get on
and do it in such a manner that
the organizations systems are
maintained and improved.
However, the fact that the
auditors are often left to get
on with the job with senior
management taking little or
no interest, let alone becoming involved with the process
themselves, is worrying and
indicative of a lack of understanding of the true purpose
of auditing and how it and the
auditors should be managed.
The mystique, misunderstandings and preconceptions relating to auditing are rife and it
is hardly surprising, therefore,
to find that in the majority
of organizations, auditing is
viewed as a necessary evil to
maintain certification.
The auditors themselves are
viewed as strange, pedantic and
often uncontrollable beasts
who demand and dictate. In
particular, when so-called
nonconformities are found,
the auditors then demand that

these should be corrected, root
causes determined and often
within specific timeframes
to satisfy the system !
er themselves as an expert or
higher authority and quickly
become imbued with their own
self-importance.
The current trend for auditors

to attempt to overcome the
negative connotations of auditing by attempting to emulate
business consultants and
possibly to justify their existence by identifying so-called
opportunities for improvement is not helping to overcome some fundamental failings of the audit regime.
Opinions
Basically, anyone can spend

a short time in an organization and suggest opportunities
for improvement. However,
the value of these when compared to other issues facing
the organization and requiring
managerial attention is often
questionable.
True auditing is aimed at

providing independent
and unbiased factual data
not expressing opinions
Yes, the value of an external

and independent viewpoint
may be beneficial, but this is
the job of professional advisors.
True auditing is aimed at providing independent and unbiased factual data, not expressing opinions.
Opinions expressed by those
who then demand that attention be paid to such opinions,
and formal responses provided, can cause great disruption
and damage in an organization. To make matters worse,
such auditors begin to consid-
It should be remembered at
all times that managers manage and that auditors audit at
the request and on behalf of
management. If opinions are
sought, they may be freely given, but it should not be regarded as an integral part of auditing that auditors express their
opinions and demand actions
of managers.
If managers require opinions
and identification of good/bad
practices or opportunities for
improvement, then this must
be communicated clearly to the
auditors together with the form
of reporting to be adopted.
The majority of audits undertaken in professional organizations reveals little by way
of earth-shattering news for
the business world, but merely
indicate the level of noise in
the organization, which may
actually be tolerable to senior
management and worth little
attention in the overall scheme
of things.
Putting audit results into perspective is thus very necessary if an organization is to
avoid tying itself up in knots
constantly responding to trivial audit findings although it
must be recognized that trend
analysis could reveal something of value in this noise .
It is not the job of the auditors
to make decisions regarding
the importance of audit findings. However, it is the task
SPECIAL REPORT
The managers began to realize

that they should be involved
in steering the audits to serve
their needs rather than simply
accepting a constant stream of
routine audits and responding to the often insignificant
issues raised.
of management to take the

audit information, to understand the implications of the
findings, and to use the information as an additional input
to their general management
information systems.
Th e f o l l o w i n g e x a m p l e s,
although not company specific, summarize what has been
observed over the years in a
number of organizations, and
highlight some of the factors
that contribute to successful
auditing.
Example A:
how managements
attitude to internal
auditing evolved from
scorn to respect
The first example concerns
a very large, internationally active organization that
undertakes engineering work to
exacting standards and must be
able to demonstrate full control
of its operational processes.
This organization was certified
for a number of years to ISO
9001, mainly due to the need
to satisfy potential customers
that it had an effective quality management system and so
attract new business.
The quality function comprised
a relatively large number of
technically competent staff,
many of whom were required
to undertake routine audits
throughout the organization,
including overseas operations,
and of key suppliers of products and services.
The audit team was not particularly well respected, had not
been provided with appropriate audit training and conse-
quently provided audit reports

that were often contested due
to its members expressing opinions, rather than providing
objective and factual data. The
audits themselves were nonspecific in what was verified,
this being left to the whims of
the auditors, or they simply
went over the old ground of
previously reported findings.
In addition, a third-party auditing organization undertook
wide-ranging audits across
the international operations
and charged very high annual
fees for what, in managements
opinion, simply caused disruption and resulted in changed
priorities due to the need to
respond to the audit findings,
many of which were considered
to be of little consequence to
the business.
Comprehensive auditor and
audit management training was
provided to selected members
of the quality function. Senior
and middle management of the
operational areas were provided with awareness training to
improve their understanding of
the audit process and to inform
them that they were the customers of the audit process.
The retrained auditors and quality managers began to undertake audits in a much more
planned and systematic manner, responding to the needs of
senior and middle management
by focusing the audits on operational aspects that management
had concerns over.
Audits of overseas operations
were directed to areas of greater perceived risk, and audits
of suppliers and contractors
became more focused on specific and relevant operational
activities.
The audit reporting become
more factual and objective
and the results were viewed by
management as much more relevant, helpful and adding value
to their operations. There was
a quantum leap in the respect
for and perceived usefulness
of the auditors.
Audit issues raised at management meetings were welcomed and actively discussed
and where necessary, process improvements made. The
auditors felt valued and eventually it was agreed that this
professional audit team was
far surpassing the benefits of
third-party auditing and so subsequently, third-party certification was discontinued.
Key points : Competent
auditors, effective management
of the audit process,
management involvement.
Example B:
how management
puts little in...and gets
little out
The second example is of a
large organization providing
a range of products and services. Separate divisions of the
organization are responsible
for their own local quality
management system with each
being independently certified
to ISO 9001.
The organization had a history
of quality related complaints
and investigations into its product and service delivery activities, with the consequence that
there had been several quality initiatives resulting in large
numbers of staff being trained,
both in management systems
and auditing techniques.
Auditors are often left

to get on with the job
with senior management
taking little or no interest
Major and dramatic improvements have been made and
the organization is now well
respected and a benchmark
to other similar organizations.
However, there remain problems in the effectiveness of
internal audits with the consequence that there is a heavy
reliance on third-party auditing.
Managers, in spite of repeated
attempts at encouraging participation, are either disinclined
to become too involved with
the management of the internal
audit process and do not select
appropriate staff to undertake
SPECIAL REPORT
the audits. Instead they choose to

use junior and/or inexperienced
staff to undertake audits, mostly on a part-time basis additional to their normal jobs.
There is a central coordinating
function which attempts to ensure
that effective auditor training is
provided. However, with a very
limited budget, this function is
unable to run other than basic
auditor training which, coupled
with willing but inexperienced
auditors, results in relatively ineffective auditing, and certainly not
to the standard of the third-party
organizations.
The majority of audits

merely indicate the
level of noise in the
organization
The training provided to the
auditors was inappropriate
due to the desire of all to use
internationally recognized
Lead Auditor training and
receive certificates to embellish their CVs. This resulted
in more time being spent during the training course trying
to impart an understanding of
ISO 9001 and how to pass an
examination, rather than on
the development of auditor
competence.
Five long and intensive days of
such training were a veritable
mountain for the trainees to
climb. They passed an examination and received a certificate,
and then management believed
that they were trained and competent to undertake audits that
would reveal process weaknesses and assist the organization
to achieve its objectives.
In reality, many of those trained

failed to develop the necessary
skills during the training process, or undertook insufficient
audits to develop their skills in
the working environment and
were rarely able to carry out
audits that revealed other than
trivia. Consequently, management were not impressed with
the results, were rarely challenged by the auditors and
had little regard or enthusiasm for the audit process or
the auditors.
Key points: inappropriate
and part-time audit staff,
lack of management understanding of and involvement
with the audit process, inappropriate auditor training.
themselves, or held a senior

management position !
Competence and ability
Many of those who are required
to undertake audits, through no
fault of their own, may simply
not be cut out for this difficult and often thankless task.
They may be too junior in the
organization, or they may not
be able to stand up to the rigors of dealing with the type
of people encountered when
auditing.
People generally do not

like being audited
Selecting the right staff
People generally do not like

being audited, they may often
be rude, or just plain difficult
for the auditor to deal with. The
mental processing required
when planning, reporting and
particularly when conducting
an audit is exacting and tiring,
and some people will simply
not be up to the job.
A very important auditor ability is that of being able to conduct the audit in a professional manner without upsetting,
offending or intimidating those
being audited. Auditor arrogance should certainly not be
tolerated.
It is also necessary for auditors to be able to write comprehensive reports to communicate meaningful information
to management. This is another problematic area for many
auditors, who do not seem to
possess this important ability.
Critical success factors

From observations made in a
range of organizations, large
and small, public and private
sector, the following are some
of the conclusions reached:
Unfortunately, it is often the

case that those attracted to
auditing feel that they are the
experts in everyone elses job,
or for some strange, inexplicable reason consider themselves to be experts in business
management, offering up their
opinions of opportunities
for improvement whilst they
have never managed a business
Appropriate training
The lack of appropriate training is a very significant failing. In many organizations,
there has been an over reliance on the so-called certified auditor training courses
which, whilst providing baseline auditor training, cannot
possibly provide sufficient time
for the development of auditing skills.

Unfortunately, due to the largescale ignorance in the market
place, it is often felt that for
internal auditors, a two-day
training course is sufficient,
whilst for those who wish to
progress a little higher up the
scale, a five-day Lead Auditor
training course will turn them
into auditor graduates.
Although such training courses
provide a useful foundation for
auditors, they should not be the
only training that aspiring auditors receive. There is a need to
supplement this initial training
with a programme of auditing
skills development over a period of time and suited to the
individuals concerned.
I have found custom-designed
and flexible in-company training focusing on skills development to be the most effective
approach to auditor training.
Trainees respond well when
taken through an auditor training process that provides them
with the opportunity to develop their skills over a period
of time in real working environments
Effective management
of the audit process ...by top
management
Unfortunately, senior management are very rarely involved
in the planning of audit programmes, and hence do not
participate in the determination of what is to be audited,
how often and against which
requirements.
In the majority of organizations, senior management
and the audit process have
SPECIAL REPORT
effectively become decoupled

with the result that the auditing process no longer serves
the needs of management or
the organization. It should be
remembered that the main purpose of auditing is to provide
managers with information
to assist them to make business decisions. Understanding
and participation in the audit
process will provide managers with better value from the
auditing.
All of the above need to be
under the direct control of
senior management if the full
benefits of auditing are to be
obtained.
Serving the needs

of management
Management should recognize
that the internal audit process exists to serve their needs.
Management has to fund it
and resource it so that it provides the added value required.
In addition, auditing needs to
provide assurance that everything in their organization
is happening in the way that
management wishes it to happen and that the results being
achieved meet with the organizations objectives.
Auditing is not undertaken
merely to entertain auditors,
keep them in gainful employment, or to respond to the
requirements of standards or
external auditing agencies.
In order to take control of the
auditing process, senior managers should develop a full understanding of how the audit process needs to be managed and
the resources that are required
to provide for effective audit-
ing throughout the organization. They should not simply

abrogate their responsibilities
in these areas to quality departments and the like without this
understanding.
If the process is not managed
effectively, or if the wrong people are employed as auditors,
then the process will inevitably
fail to deliver. Auditing is not a
technique to be pursued as an
isolated profession in an organization it exists to support
the organization and hence
must be focused and directed
to provide information that is
desired and of value to senior
management.
needs. Audit results are part

of the information needed by
senior management to assist in
its decision-making processes.
The auditors are there to provide information, managers are
the ones who will make use of
the information and determine
what happens next.
With an audit process functioning effectively, fully under the

control of management and
serving the needs of the business, significant improvements
in the effective functioning of
the organization may be realized and the benefits of thirdparty auditing rapidly evaporate.
Senior management
and the audit process
have effectively become
decoupled
An effective management-led
audit process will likely be of
far more value than the type of
routine auditing often encountered utilizing inappropriate
audit staff, or the various random efforts of external, thirdparty auditors.
Auditor arrogance should

certainly not be tolerated
Auditing is being pursued by
many as a profession in its own
right, rather than as a means to
an end within an organization.
Yes, it does require particular
expertise and those required to
undertake audits need to develop their skill set; however, the
auditors should not be undertaking audits isolated from the
needs of the organization.
Senior management need to
take firm control to ensure
that all auditing activities are
undertaken fully in support of
operations and to a level compatible with managements
SPECIAL REPORT
Good practice for establishing the

competence of certification body auditors
While much has been published about internal auditing and auditing by
certification bodies, a vital link in the chain of confidence has received scant
publicity how do accreditation bodies establish that certification body auditors
are up to the job ? An experienced accreditation body auditor presents a
straightforward approach drawn from good practice observed worldwide.
by Brian J. Henry
Brian J. Henry is an experienced

and independent Accreditation
Body Lead Auditor who is
contracted to represent several
international accreditation
bodies that are Members of the
International Accreditation Forum.
He is the United Kingdom
Principal Expert on Auditing to
the ISO/TC 176 and ISO/TC 207
Joint Working Group for
ISO 19011:2002 and participated
in the development of this
standard and its predecessors.
Brian Henry is also a member of
the ISO 9001 Advisory Group
(IAG), member of the Auditing
Practices Group (APG) and member of the IAF/ISO Task Force that
is currently investigating how
to improve the verification of
auditor competence.
Tel. + 44 1636 673272.
Fax + 44 1636 673272.
E-mail bhenry@btconnect.com
It has become clear that many

certification bodies have found
difficulty in making the
transition from the old
qualification approach for
auditors that was previously
specified in withdrawn stanards such as ISO 10011-2 for
quality management system
(QMS) auditors and ISO
14012 for environmental
management system (EMS)
auditors to the competence
approach taken by ISO

19011:2002, Guidelines for
quality and/or environmental
management systems auditing,
Many certification bodies

have found difficulty
in making the transition
from the old qualification
approach for auditors to
the competence approach
which is now the unique

auditing standard in the ISO
9000 and ISO 14000 families.
This problem has led to nonconformities being raised when
the accreditation body has
audited the certification body
and often then resulted in disagreement because the certification body management has
not understood the competence approach.
SPECIAL REPORT
As a result, ISO (www.iso.org)

and the International Accreditation Forum (IAF www.iaf.
nu) have set up a task force
with the job of writing clearer
auditor competence requirements in the draft ISO/IEC
DIS 17021, Conformity assessment Requirements for bodies
providing audit and certification of management systems.
In the meantime, the following straightforward approach
may be of some help.
As an experienced accreditation body auditor and having
had the benefi t of contributing to the development of ISO
19011:2002, I consider having
very reasonable and straightforward expectations on what
to see from certifi cation/registration bodies (CRBs) with
regard to auditor/audit team
competence.
First step
My first step is to examine the
contract review that the CRB
has carried out for certification of an applicant organization. This, amongst other things,
should have resulted in a profile being created for the organization to be audited, especially
in terms of the proposed scope
of certification activities to be
considered for a particular IAF
scope code. I then expect to see
an auditor/audit team profile
from the existing CRB pool of
auditors that matches the corresponding IAF scope code.
The two profiles should match.
In the event that they do not,
then consideration needs to
be given to acquiring additional specialist external auditor resources or making use
of a technical expert(s) to fill

the gap.
ISO and the IAF have

set up a task force with
the job of writing clearer
auditor competence
requirements
What do I expect in terms of
competence of the individual
CRB auditors and audit team ?
At this stage, the focus is on the
audit team, which may consist
of one individual auditor, or
perhaps several auditors.
What I do not do at this stage
is make the mistake of diving
straight into Table 1 in Section
7 of ISO 19011:2002, Examples
of levels of education, work
experience, auditor training
and audit experience for auditors conducting certification or
similar audits . This has nothing to do with auditor competence at all.
Table 1 does not list levels of
competence instead it lists
levels which historically have
been useful as a coarse filter
for qualification and which
undoubtedly will usefully contribute to the development of
auditor competence.
ISO 19011:2000 defines competence as being the demonstration of personal attributes
and knowledge and skill. Nine
personal attributes, together with four generic areas of
knowledge and skills and two
specific clusters of knowledge
and skills, are specified for
QMS auditors in Section 7 of
ISO 19011:2002. Three specific
items knowledge and skills are
given for EMS auditors.
It is reasonable to expect that

the CRB should have identified
each of these within the documented processes and assigned
quantitative or qualitative criteria against each for a specific audit situation.
The criteria stated needs to
be the minimum necessary to
ensure satisfactory auditor performance and deliver audits
that are sufficiently thorough
and consistent and also provide added value.
Personal attributes
Dealing firstly with the nine
personal attributes I would
expect individual auditor
records to show that these have
been addressed and evaluated. The evaluation can range
from simple observation to
more complex methods such
as psychometric testing. What
is more important than the
method selected is the recognition that any shortfall is
either corrected through further development, or can be
safely mitigated and managed
by assigning the auditor to situations where the audit will not
be compromised.
Generic knowledge
and skills
What is expected here is that
the CRB has assigned quantitative or qualitative criteria for
each of the following criteria
for a generic audit situation
and that resulting individual
conformity and performance
has been demonstrated, tested and accepted.
Audit principles, procedures
and techniques. Knowledge of
these factors has been acquired

from successful completion of
formal auditor training courses, CRBs specific training,
and skills developed from role
play, or from audits carried out
under guidance and supervision. Probably the most important need to be demonstrated
from this knowledge and skill
set is the ability to carry out
conformity audits using the
process approach.
Management system and reference documents. This is perhaps the most important of the
generic knowledge and skills
and certainly the most controversial. Research is confirming that many auditors do not
really understand the standards
and do not apply them correctly often resulting in invalid
or inappropriate findings. It is
expected that the CRB should
be able to demonstrate that the
levels of knowledge have been
appropriately set.
The competence needed

to audit design and
development processes
effectively has often not
been clearly specified
This is likely to have been
acquired from successful completion of formal auditor training courses, CRBs specific
training, and skills developed
from role play or from audits
carried out under guidance and
supervision.
Organizational situations. This
covers, for example, avoidance
of disasters caused through
assigning an auditor without
sufficient knowledge of the
SPECIAL REPORT
structure and operations of

a large corporate multi-site
organization, and not having
the requisite skills. The converse case is the auditor who
is competent with the large
organizations, but is then unable to adjust expectations when
dealing with small or medium-sized enterprises where
employees have to wear many
hats, but with mitigated conflicts of interest.
It is expected that the knowledge and skills to handle these
situations effectively can be
gained from exposure to these
organizations through training, work place experience
and auditing experience under
training and supervision. It
may well be that some auditors will not be able to acquire
the full range of knowledge
and skill and the CRB should
have precautions built in to the
assignment processes to confine activity accordingly.
Applicable laws, regulations and
other requirements. Although
listed under generic knowledge
and skills, this set of criteria
will inevitably have a slant on
a QMS-specific context and it
is expected that the auditor(s)
should be aware when it is
appropriate to back off .
Specific knowledge
and skills
Quality related methods and
techniques. In order to audit
effectively in a QMS context, it
is vital that the CRB has clearly set the levels needed. It is
expected that these relate to
modern quality management
tools and their applications
and are maintained and updat-
ed through continuing professional development.
an initial certification and reassessment audit.
Processes and products. This

area is almost certainly the
most difficult knowledge and
skill set and the most troublesome for CRBs.
Whatever the approach taken, it is vital that the CRB has

defined the parameters to be
met in terms of the specific
product knowledge and skills
for use when establishing the
requisite audit team profile.
What is expected here is that

the CRB has recognized that
the auditor(s) will encounter
sector-specific terminology and
jargon, technical characteristics of processes and products
including services, and, very
often, unique sector-specific
processes and practices.
The situations can often be
very straightforward with processes and techniques having
synergy across similar IAF
scopes. In other situations, it
can be very complex, especially with such diverse sectors as
food, aerospace, agriculture,
finance and education.
What I expect to see here is
that the CRB has carried out
some type of risk analysis for
the criticality related to the
product in the specific sector.
It may well be that in situations
of high-risk criticality, the CRB
decides that the auditor(s) will
always be accompanied by a
scope-specific and currently
practicing technical expert.
The other end of the spectrum
with low risk criticality product may be that auditor(s) with
limited competence may operate alone, but with the support
of briefing notes.
What is not acceptable is a
situation where the CRB may
have mistakenly considered
that the process and product
knowledge and skills that are
needed for a surveillance audit
can be somewhat less than for
This does not have to be complicated and in some situations it may be satisfactory as a
coarse filter to identify simply
in broadest possible terms by
discipline, such as mechanical
engineer, electrical engineer,
industrial engineer, metallurgist. In other situations it may
be considered that a scientific discipline such as a chemist,
physicist, or materials scientist
may be more appropriate.
Outdated work place

experience is often more
dangerous than having
none at all
The same rationale can be
similarly applied to other areas such as the food industry
where individuals classified
as food technologists, nutritionists, hygienists ; agronomists may all be appropriate
as an auditor. The important
point again is that the CRB
can demonstrate that auditor
competence criteria has been
set, that the individuals have
been tested, that their competence has been demonstrated and that the demonstration methods and techniques
are sound.
As an accreditation body auditor, I am particularly wary
that the competence needed
to audit design and development processes effectively has

often not been clearly specified by the CRB. I expect to
see this included with specific product and process knowledge and skills, and evidence
that this has been demonstrated and tested.
Migration of competence
It is a well established fact
that many auditors are able to
acquire satisfactory levels of
knowledge and develop satisfactory levels of skill to audit
effectively in other IAF scope
codes that are sometimes quite
different from their mainstream industrial or commercial disciplines.
This should be neither dismissed, nor accepted at face
value. What needs to be considered is that the grounds and
justification have been satisfactorily provided by the CRB.
This is perhaps the time when
criteria such as Table 1 in section 7 of ISO 19011:2002 may
be useful and assist the CRB
in setting the levels which, if
attained, may lead to the requisite auditor competence.
However, it needs to be emphasized again that there is no single Table 1 to suit all situations.
The accompanying notes in the
standard are quite clear that
depending on the scope and
nature of the specific audit,
that the levels can be higher
or lower.
Experience has shown that
outdated work place experience is often more dangerous
than having none at all. Claims
of having gained product and
SPECIAL REPORT
process knowledge through

operating as a consultant need
to be carefully considered
especially if there is no satisfactory evidence that the individual had the ability to undertake
consultancy in the first place
and accepted the consultancy
project through misrepresentation of his or her qualifications and competence.
Having worked in other areas
as an auditor when supported
by a technical expert is a common and acceptable way of
developing product and process knowledge and skills. It is
again expected that the CRB
is able to demonstrate that the
minimum audit-specific levels
of knowledge and skills have
been met and have been demonstrated and tested.
or take away from the CRB

the responsibility for auditor
competence.
Generic knowledge
and skills of audit team
leaders
This is no different to the
generic knowledge and skills
for auditors with provision
for the CRB to set the levels
needed to develop the competence needed by QMS audit
team leaders and make use of

the methods specified in ISO
19011:2002 for testing and
demonstrating this.
Evaluation processes
ISO 19011:2002 Section 7 Figure 5 shows the relationship
between the stages of the evaluation process and then goes
on to describe four main steps
that are needed. As an accreditation auditor, I expect to
ISO 19011:2002 Section 7

Figure 5 : Relationship between the stages of evaluation.
Development
of competence
Guidance on the use of a variety of evaluation methods is

specified in ISO 19011:2002. I
expect to see that these, or a
selection of these have used.
Witnessed audit is a powerful technique, but by its very
nature is artificial, intrusive
and with potential to influence the outcome of the actual audit being undertaken. An
alternative technique is post
audit review, which has been
found to be equally effective
without the undesirable side
effects.
Better approaches
Criteria
not met
Auditor certification
This is now required to be taken into account, but consideration needs to be given about
the credibility of the auditor
certification body. Members
of associations such as the
International Personnel Certification Association (IPC
formerly IATCA www.iatca.org), linked by multilateral agreements and subject to
regular peer review, and bodies accredited by IAF accreditation bodies to provide auditor certification to ISO/IEC
17024, Conformity assessment
General requirements for
bodies operating certification
of persons, should inspire confidence.
see that use of this or a similar model has been documented and implemented by
the CRB.
Initial evaluation
(7.6)
Criteria
met
Continual evaluation
of performance
(7.6)
Criteria
met
Auditor
Not
selected
Criteria
not met
Maintenance and
improvement of competence
(7.5)
Care was taken when preparing this article to maintain confidentiality and not to divulge
any unique techniques that
have been developed by an
individual CRB. What has been
cited is strictly a generalization
of what is considered as being
some of the better approaches
that have been seen to be used
around the world and would
be acceptable to accreditation
body members of the IAF.
Research is confirming
that many auditors do
not really understand
the standards
Audit team
selection
(6.2.4)
Even so, auditor certification

may not focus on product and
process knowledge and skills
and therefore does not absolve
Auditing
(clause 6)
SPECIAL REPORT
Effective accreditation is essential

for audit competence
This article examines the causes behind the current concerns over the credibility of certification and, from an auditor certification perspective, suggests
where the solutions lie.
Few involved in the certification industry can have failed to

note a change in recent times
in the way the markets regard
accredited certification.
by Simon Feary
Simon Feary has been Director
and CEO of IRCA since 1994. He
currently serves on the Board of
IPC, the successor to IATCA.
E-mail sfeary@irca.org
Web www.irca.org
The situation might be confused slightly by the differences

in the way certification is perceived between markets that
are mature and those that are
developing. Look to the east
and all appears rosy. But back
in those regions where certification had its origins, a different picture is evident.
It is easy to identify positives.
The number of accredited certificates worldwide for environmental and quality management systems at last count
was well over 600 000. The
growth in the five-year period
to December 2003 was a very
healthy 80 %.
Certification is now global,
with few if any regions of the
world exempt from its influence. More standards are being
accommodated within the certification infrastructure. On the
face of things, it is a healthy
scenario.
SPECIAL REPORT
Concern
But there are negatives and
these are of sufficient magnitude to cause concern. The
growth in 2003 was supported
almost entirely by two economies, China and Japan, while
all the other majors were at
best flat with some showing a
retraction in percentage terms
of double figures.
One high-profile manufacturing industry, automotive,
has declared no confidence in
mainstream certification
although maintaining its confidence in ISO 9001: 2000 and
has walked away to create its
own sector-specific structure
for accreditation and certification. Another major sector, the aerospace industry
now requires having auditors
accompanied in order to ensure
confidence in their findings.
China, a rare bright spot, has
seen fit to impose some severe
caveats in the way it allows
certification to operate within
its borders. While some argue
their action is no more than a
clever expression of the Chinese way , where legitimate
competition is kept at arms
length, others recognize it to
be a reasonable response to
damaging and out of control
practices that are symptomatic of a malaise within the
industry.
So what has caused the brakes
to be applied so abruptly ?
Expressed in business jargon,
diplomatically, the reasons are
that demand has outstripped
the ability of the infrastructure to control the quality of
output.
Free markets, an over-abundance of providers and the

voluntary nature of certification have allowed short-term
commercial interests to exploit
opportunities offered by naive
markets and complicit or disinterested governments. But put
another way, simply and bluntly, accreditation has failed to do
its job adequately and the certification product has leaked
credibility.
Interpretations
Interpretations of standards
differ from one accreditation
body to the other, sometimes
significantly, depending to an
extent on the lobbying skills
of the petitioning certification body, and often they vary
within an accreditation body,
depending on the extent of
assessment competence of the
accreditation personnel.
So wheres the solution? Apparently, it lies with the accreditation industrys governing body,
the International Accreditation Forum (IAF). Nothing
is ever simple, or speedy with
governing bodies that are consensus-oriented and composed
of a membership approaching
50 from across the very broad
spectrum of economic situations and cultures.
Accredited certification has a

simple and coherent structure.
This was outlined in the original declaration developed by
the United Kingdom Government in the early 1980s and
remains valid today. Government delegates authority for
control (control, not regulation
an important distinction that
reflects the voluntary nature of
this enterprise) at arms length
to the accreditation body, one
per country. The accreditation
body has oversight of the certification bodies, ensuring rigour of quality and consistency
of those certification bodies
practices.
Certification is now
global, with few if any
regions of the world
exempt from its
influence
Simple in concept but in
practice it is not working well
enough. Accreditation bodies,
invariably monopolies within
their own countries, are often
accused of lacking the commercial and technical competence found within the certification bodies they are tasked
with controlling.
It also tends to be forgotten that, as with certification,

accreditation is also a business operation. Accreditation
is not disinterested financially, being dependent on revenues from those bodies they
are controlling. And in some
parts of the world, accreditation has overtly political drivers. All these serve to complicate and frustrate what should
be a straightforward exercise in
surveillance and control.
But credit where credit is due,

and taking a historical perspective, the IAF has to be regarded as making progress, from a
standing start a few years ago,
it has now gripped its brief and
has shown competence at producing guidance on a range of
issues, all geared toward best
practice and harmonization.
But it is slow, and its decisionmaking process subject to the
inertia of consensus.
SPECIAL REPORT
It has reacted with reasonable speed to the specific threat

drawn attention to by ISOs
late Secretary-General, Lawrence D. Eicher. In late 2001,
he raised the issue of disreputable practices by some conformity assessment operators
and indicated firmly that that
the remedy lay with the conformity assessment community
itself, and not with the writers
of standards. Police yourselves ! was his message.
There are negatives and

these are of sufficient
magnitude to cause
concern
At the end of 2001, during the
IAF plenary meeting in Kyoto,
Japan, a proposal was made for
the establishment of a multilateral task force comprising
representatives of the IAF,
ISO/TC 176 (the ISO technical committee responsible for
the ISO 9000 family) and ISO/
CASCO, Committee on conformity assessment. One of the
objectives of the new group
is to monitor real or potential threats to ISO 9001:2000
posed by the use made of it in
certification.
In May 2002, the first meeting
of the group, known as the ISO
9000 Advisory Group (IAG)
was held in Denver, Colorado, USA. The group conducted a warts and all review of
the certification industry, its
practices and various future
scenarios and looked at ways
to tackle problems identified.
And by all accounts, the IAG
is vigorously and seriously pursuing its brief.
Cause
But from the perspective of
auditor certification and it is
from this direction that this critique comes there is unease.
There is a fear that the focus
of the IAF and other initiatives will be on the symptom,
leaving the cause unaddressed.
The culprit will be determined
to be the auditor, or more precisely, the incompetent auditor
and recommendations will lean
toward addressing this aspect
rather than structurally, where
this article argues the problems
originate.
The reasons for this unease lie
with the considerable interest
shown in ISO/IEC 17024:2003,
Conformity assessment General requirements for bodies
operating certification of persons, for the approval of auditors. It is almost as if this is
seen as the what weve been
waiting for solution. And that
would be incongruous, as ISO/
IEC 17024 implies a third-party
determination of auditor competence, in other words, auditor
certification, and auditor certification has historically been
relegated to the periphery of
accredited certification.
Demand has outstripped

the ability of the
infrastructure to control
the quality of output
Although auditor certification
provides evidence of competence, it has never gained more
than an anecdotal respect from
the accreditors. It is very definitely the poor relation. The
accreditors and certification
bodies have always argued

that competence is a matter
to be determined themselves
and whether or not an auditor is certified is of no great
relevance.
The current mantra is auditor competence , but it should

more properly be audit competence . To place all the ills
at the foot of the individual in
the field is disingenuous.
Some accreditation bodies

accord it some status, others
do not. This is understood by
(most) auditor certification
bodies, and accepted. While
having no formal mandate to
contribute represents something of an irritation, it does
serve to keep auditor certification honest and focussed on
providing added value.
The entire audit process, from

the advertising literature, the
sales pitch, the audit team
competence, performance in
the field to the certification
decision are all valid factors
in determining whether the
resulting certification provides
value to the organization and
its customers, is consistent with
the purpose for which certification was intended, or
whether it is just commercial
opportunism.
While it is understandable
that there is interest in ISO/
IEC 17024:2003 it is a new
and an International Standard
the danger is that it will be
seen as the answer: not just part
of the answer, but the answer.
Already, one major auditor certification body is presenting it
as exactly that.
Competent
The message this organization is promoting is that only
accredited certified auditors
are properly competent. All
others, it says, are suspect and
the current criteria and methods for evaluating auditors
count for little. This is dangerous nonsense.
It is nonsense because there
are thousands of extremely
competent, certified auditors
exercising their profession to
good effect, and dangerous
because it distracts from the
root cause of the industrys
loss of credibility the lack of
effective control at the accreditor level.
Accreditation has failed

to do its job and the
certification product has
leaked credibility
Auditors are just part of the
certification process. If the
process itself is not well controlled or is based on false
premise, then it is unreasonable to expect the auditor to
shoulder the blame.
Two issues give cause to be
realistic about the impact that
ISO/IEC 17024 and accredited, certified auditors will
have on certification and both,
unsurprisingly, relate to competence.
The first is the way auditor certification is regarded by certification bodies. The majority, especially those that take
a responsible, long-term view,
see auditor certification as not
much more than an indication of basic competence. For
SPECIAL REPORT
them, it represents an assurance that the auditor has a

working knowledge of ISO
19011:2002, Guidelines for
quality and/or environmental
management systems auditing,
and the ability to audit simple,
generic processes.
Certification bodies accept that
the real training and acquisition of competence comes
via the certification bodies
own monitoring, training and
appraisal processes, where the
auditor learns, amongst other
things, the organizations own
practices.
These certification bodies

make sure that no auditor is
let loose on a client until he or
she is able to demonstrate the
required auditing competence
and approach specific to that
certification body.
To place all the ills

at the foot of
the individual in the field
is disingenuous
An expectation that all certification bodies will now regard

accredited certified auditors as
off the shelf, ready to audit
just because they are accredited is misguided and naive.
terms of managing client relations, will continue to exercise

close control, through training, performance monitoring
and calibration. Using accredited auditors will not change
that aspect.
Critical
The second issue is contextspecific competence. Auditor

certification provides an indication of generic auditing competence only. There are few if
any auditor certification bodies that certify competence to
audit within specific industry
contexts to any great extent,
and it is this context-specific
No doubt some will, in the

same way that they do now
with auditors qualified under
the current system, but those
who recognize that from a risk
perspective, the performance
of their auditors in the field
is one of the most critical in
About IRCA
The London-based International Register of Certificated Auditors (IRCA) began certifying auditors in 1984. It was set up
as part of an initiative by the United Kingdom Government
to make business and industry more competitive.
The aim of this initiative, which was in effect accredited certification, was to achieve efficiencies by reducing the costs
of supplier audits by replacing them with a fewer number
of third-party audits. Each third-party audit of a supplier
would then be accepted and recognized by all customers of
that supplier.
This quality infrastructure proved to be extremely successful and is now recognized worldwide to be the most effective and most commonly used method for assuring the quality of supplier organizations. This same structure is now used
in other contexts, e.g. to assure the compliance of organizations management systems to occupational health & safety,
food safety and environmental requirements. But whatever
the context, because the structure relies heavily on competent auditors and consultants, the role played by IRCA has
been essential.
The evaluation and certification methods developed and used
by IRCA have been adopted by most other auditor certification bodies. Although most countries now offer alternatives
to IRCA through their own national auditor certification
programmes, IRCA certification has achieved international
recognition.
Around 30 000 auditors have been awarded certification since

1984, and over 100 countries are currently represented on the
IRCA register.
Programmes
The majority of auditors on IRCAs register are certified to
audit ISO 9001:2000. In addition to providing certification
services to quality management system auditors, IRCA also
offers certification programmes for environmental management, occupational health and safety, food safety, information
security, social systems and sustainability assurance.
Under development is a programme certifying the competence of auditors who audit greenhouse gas emissions under
the European Unions carbon emissions trading initiative.
IRCA also certifies auditor training courses and, in addition,
now certifies an increasing range of training organizations and
training courses as independent activity. Originally designed
for auditors intending to become certified, the range of such
courses has expanded to meet the needs of students seeking
information on quality, environmental and health & safety
management for a variety of reasons. Now, only a small minority of students attending these courses are auditors.
Training organizations in many parts of the world seek IRCA
certification for their courses. Around 50 000 students a year
attend IRCA-certified training in all parts of the world.
SPECIAL REPORT
aspect that has caused arguably

the greatest negative reaction
from client organizations.
This gives rise to the our auditor didnt know anything about
my business/industry/processes protest. And unless there
is a sea change in the attitude
of certification bodies toward
costs and they are prepared to
absorb the additional cost burden associated with sector-specific auditor certification, this is
one aspect of improving audit
competence that auditor certification, accredited or otherwise, will not address.
Auditor certification
provides an indication
of generic auditing
competence only
by those who carry the most

risk. And those are the certification bodies that employ and
use the auditors.
With the best will in the world,
the attributes of honesty, integrity, tenacity and most of the
others listed in ISO 19011 are
best determined in the field, in
real-life conditions and, most
usually, over time.
Value-adding
Attempting to resolve these
aspects through an artificial,
third-party process only serves
to add a layer of complexity, cost and mystique to what
Determining competence
requirements of a specific
audit and matching these with
individual auditors competences is a responsibility that
lies entirely within the remit
of those who manage the audit
process. That it is too often
neglected is neither an indictment of auditor competence,
nor of auditor certification. It
is a reflection that certification
bodies are cutting corners and
the accreditation process is not
picking this up.
Identifying the remedy is simple. Accreditation must be
made to work properly. The
key to credible certification
does not lie with auditor certification bodies adding complexity, cost and gimmickry to
what ought to be a simple process. There are aspects of competence that are best addressed
ought to be a simple, valueadding process.

So let us leave the gimmickry aside and focus on the real
cause of the markets growing
disenchantment with certification the ineffective and poor
performance of the accreditation system.
Some may be tempted to consider this as falling within the
too difficult category, but
left unaddressed, all other
approaches will amount to
little more than sticking plaster.
There is an old adage in business, applied when organizations are not working effec-
tively, indicating where the

cause lies the fish rots from
the head . In this analogy, the
auditors quite clearly represent the tail. If the certification industry wants a proper,
viable, long-term solution to
the problem of audit competence, then leave the tail alone
and address the problems at
the other end.
SPECIAL REPORT
US adds guidance to ISO 19011

for internal and client audits, plus SMEs
By definition, International Standards are developed for adoption without
change worldwide. Sometimes, however, a country will decide that a
standard needs supplementing to be truly effective. A case in point is the
management system auditing standard, ISO 19011, to which the USA has
added guidance.
The US judgement of the ISO

19011:2002 management system audit standard was that
it lacked sufficient guidance
on internal and supplier audit
programmes and audits, and
on the use of the standard by
small-to-medium enterprises
or organizations
by Gary L. Johnson
This has led to the development of ANSI/ISO/ASQ QE

19011S-2004, Guidelines on
Quality and/or Environmental
Management Systems Auditing
US Version with Supplemental Guidance Added.
The Supplement is not intended to supplant ISO 19011:2002.
The purpose of the Supplement is to augment the ISO
text with the text needed, in
the US view, to provide clear
and useful guidance for internal (first-party) audits, supplier
(second-party) audits, and use
by small organizations.

+
19011S-2004
E
Q
Q
S
A
/
O
S
I
/
I
S
AN
0 Introduction
1 Scope
2 Normative References
3 Terms and Definitions
4 Principles of Auditing
Description
The structure of ANSI/ISO/
ASQ QE 19011-2004 follows
the same order as the ISO
standard:
5 Managing an Audit
Programme
6 Audit Activities
7 Competence and
Evaluation of Auditors
The Supplement presents the

ISO text in a box and follows
the box with the supplemental
guidance in three sub-clauses,
one each for internal (firstparty) audits, supplier (secondparty) audits, and use by small
organizations. In those clauses where the ISO text is sufficient, the Supplement notes
that no additional guidance is
needed.
SPECIAL REPORT
The placement of the ISO text

in boxes was done to distinguish clearly between the ISO
text and the Supplement text.
This had been done previously
in ISO 9004:2000, Quality Management Systems Guidelines
for performance improvements,
with the ISO 9001 requirements placed in boxes and followed by the ISO 9004 guidance.
Clause 1 Scope
The ISO text focuses on the
applicability of the standard
to quality management systems (QMS) and environmental management systems
(EMS), and notes that it may
be applied to other types of
management systems as well.
The US judgement was

that ISO 19011 lacked
sufficient guidance
on internal and supplier
audit programmes
and for SMEs
The Supplement adds clarification of the concept of small

organizations to include consideration of the complexity
of the management system ;
that is, the Supplement would
apply to large organizations if
they have simple management
systems, simple products and
processes, etc.
Clause 2 Normative references

The Supplement does not add
guidance to this clause.
Clause 3 Terms and denitions

While the Supplement does not
add new definitions or changes
those in Clause 3, it does note
that the term competence is
used in the context of auditor
competence.
Clause 4 Principles of auditing

The Supplement adds text to
stress the importance of audit
and auditor independence, adding that auditors should not
audit their own work. The
value of the audit principles to
supplier (second-party) audits
and to use by small organizations is also discussed.
Clause 5 Managing an audit

programme
The Supplement adds text
to emphasize the differences
between internal and external
audit programmes. The audit
programme may also address
the possibility of combined
audits and joint audits.
Such audits are more typically found in external (third-party) audits, but combined internal QMS and EMS audits are
possible.
The Supplement adds text to
emphasize again the differences between external and internal audits in how audit programmes are managed and in
the involvement of the organizations management in the
programmes. In addition, the
Supplement suggests that audit
programme review should also
consider the performance of
the audit programme in meeting the needs of the organization and the contribution of
the audit programme to the
improvement of the management system.
About the author

Clause 6 Audit activities
The Supplement adds important guidance for audit team
leaders for internal (first-party) audits and supplier (second-party) audits that is not
covered by the ISO text. The
Supplement also provides
extensive guidance on internal
(first-party) audits and supplier
(second-party) audits, including the audit team review of
any available documents pertaining to the audit and preparation for the on-site phase
of the audit.
The US Supplement
is not intended
to supplant
ISO 19011:2002
The Supplement emphasizes the
particular differences in how
internal and external audits
are conducted. For example,
an opening meeting may be
less formal for an internal audit
and communication during the
audit can be simpler. The Supplement notes, however, that
a formal meeting is always
appropriate in supplier (second-party) audits.
The ISO standard and the Supplement provide specific guidance for audit completion and
follow-up as needed to confirm
that all nonconformities have
been addressed. In most cases, the audit will be completed
when all activities described in
the audit plan have been completed; however, there may be
Gary L. Johnson is currently

an environmental engineer
in the US Environmental
Protection Agencys Ofce of
Environmental Information.
He is a recognized international
expert on auditing, having
represented the US in the
development of the ISO
19011:2002 auditing standard
for quality and environmental
management systems.
He co-chaired the ANSI Z1
Committee effort to develop
ANSI/ISO/ASQ QE19011S-2004,
the US Supplement to
ISO 19011:2002.
He represents EPA on the US
technical advisory groups to
ISO/TC 176 (ISO 9000) and to
ISO/TC 207 (ISO 14000).
Most recently, he has represented ISO/TC 207 on the
IAF-ISO Task Force on Auditor
Competence.
E-mail Johnson.Gary@epamail.
epa.gov
Web www.epa.gov
The author wishes to
acknowledge the contributions
to ANSI/ISO/ASQ QE 19011S2004 by John Stratton and Bart
Solomon as fellow US experts
to the ISO 19011 Joint Working
Group on Auditing and by the
members of the ANSI Z1 Joint
Task Group that developed the
Supplement. The support of
the development of ANSI/ISO/
ASQ QE 19011S-2004 by the
U.S. TAG to ISO/TC 176 and
the U.S. TAG to ISO/TC 207 is
also greatly appreciated.
SPECIAL REPORT
occasions when follow-up by

the same audit team will be
necessary, for example, in an
internal audit.
Clause 7 Competence and

evaluation of auditors
Clause 7 in ISO 19011:2002 represented a significant change
from looking at auditor qualifications to auditor competence. Auditors must be
competent to perform their
assigned tasks and the standard
described a consistent process
for initially selecting and continually evaluating the competence of auditors.
Competence is based on the
demonstration of personal
attributes and the ability to
apply requisite knowledge and
skills obtained through education, work experience, auditor
training, and audit experience.
The Supplement adds text

to stress the importance
of audit and auditor
independence
The ISO 19011:2002 standard
describes the general knowledge,
skills, and personal attributes
needed for an auditor and an
audit team leader. An auditor
should have knowledge and
skills in audit principles, procedures, and techniques gained
through appropriate education,
work experience, auditor training, and auditing experience
consistent with the needs of the
audit programme.
Typically, the levels of education, training, and experience
will vary according to the spe-
The levels of education,

training, and experience
needed for internal
auditors will very likely
differ significantly from
those for certification
auditors
cific goals and objectives of the
audit programme. For example,
the levels of education, training, and experience needed
for internal (first-party) auditors will very likely differ significantly from those for thirdparty, certification auditors. In
a practical manner, these levels should be set by the owner of the audit programme or
by an appropriate accreditation body.
The Supplement provides an
alternative approach from ISO
19011:2002 to determining and
evaluating the competence of
auditors based on the scope of
the audit programme.
Practical considerations show

that the competence needed
for certification/registration
auditors would logically be
greater than that for internal
auditors. These and other differences between internal audit
programmes and external audit
programmes form the basis
the Supplements approach
to competence, and the Supplement provides extensive
guidance to the user in this
regard.
Lastly, Clause 7 also provides
guidance on the maintenance
of auditor competence. This
is typically achieved through
continuing professional development, such as through additional training, participation in
conferences and seminars, and
additional auditing experience.
The Supplement offers additional examples of sources of
continuing professional development that may be helpful to
the user.
More effective
While ISO 19011:2002 provides
new and more effective guidance for auditing QMS and
EMS, its value for the full scope
of auditing activities may be
fully realized by an organization through the use of ANSI/
ISO/ASQ QE 19011S-2004.
The Supplement contains the
full text of the ISO standard
and provides the added guidance necessary to manage
audit programmes, plan and
conduct individual audits, and
select and evaluate competent
auditors.
The Supplement expands the
applicability of ISO 19011
beyond its emphasis on external (third -party) audits to
more effectively encompass
internal (first-party) audits,
supplier (second-party) audits,
and use by small organizations.
SPECIAL REPORT
ISO 9001:2000 auditing kit extended

to best accreditation audit practices
by Alex Ezrakhovich and Lorenzo Thione

Alex Ezrakhovich is co-convener
representing ISO/TC 176 of the
joint ISO/IAF ISO 9001:2000 Auditing Practices Group (APG) and
the related Accreditation Auditing
Practices Group (AAPG).
He is General Manager of SAI
Global Certication Services Pty.
Ltd, based in Sydney, Australia.
E-mail l.thione@sincert.it
Web www.sincert.it
E-mail Alex.Ezrakhovich@sai-global.
com
Web www.sai-global.com
Lorenzo Thione, is co-convener

representing IAF, is President of
the certication body Sistema
Nazionale per lAccreditamento
degli Organismi di Certicazione
(SINCERT), based in Italy.
The prolific joint ISO/IAF

ISO 9001:2000 Auditing Practices Group (APG) has been
busy adding new guidance
modules to its best practice
auditing kit.
New modules developed at the

APGs two most recent meetings in Kuala Lumpur, Malaysia, in December 2004, and Chinese Taipei in February 2005,
include the following :
Auditing preventive action.
Auditing internal communication.
Documenting nonconformities.
Reviewing and closing nonconformities.
Auditing the effectiveness
of internal audits.
Third party auditor impartiality and conflicts of interest.
Auditing of electronic based
management systems.
Auditing service organizations.
The modules making up the
APGs auditing kit are avail-
able in electronic versions

only free of charge via the
ISO Web site : www.iso.org/
tc176/ISO9001AuditingPract
icesGroup
The short, easy to read modules offer a practical how to
approach to auditing an ISO
9001:2000 quality management
system (QMS).
Although developed mainly
for certification body personnel carrying out QMS audits
for organizations seeking ISO
9001:2000 certification, they
may also be useful to staff carrying out in-house audits, as
SPECIAL REPORT
well as to consultants, trainers

and anyone with an interest in
quality (see also ISO offers
free-of-charge ISO 9001:2000
auditing kit , ISO Management Systems, July-August
2004 .
The APG was initially established as a sub-group of the
ISO 9000 Advisory Group
(IAG), as part of a broader initiative to ensure the continued
credibility of third party certification. The APG is made
up of experts nominated by
ISO/TC 176 (www.tc176.org),
the ISO technical committee
responsible for the ISO 9000
family, and the IAF (International Accreditation Forum
www.iaf.nu) the grouping of
national accreditation bodies
that verify the competence of
certification bodies.
The objective of the APG is
to improve the value of third
party certification audits for
organizations and their customers. The guidance modules
it has developed have generated great interest among international conformity assessment
operators.
Expanded scope
As a result, the IAF Technical Committee has decided to
expand the groups scope and
membership to cover accreditation audits (office and witness audits) of certification
bodies.
This has led to the formation
of the Accreditation Auditing
Practices Group (AAPG)
administratively related to the
APG which will hold joint
meetings with the APG, follow
the same working procedures

and publish informative papers
on the APG Web site.
Since the AAPG covers auditing in accordance with ISO/
IEC 17021, Conformity assessment requirements for bodies providing audit and certification of management systems,
an operational liaison with
ISO/CASCO, Committee on
conformity assessment, which
developed the standard, has
been established.
process we are asking all

interested parties to provide
inputs and feedbacks through
our Web site, in order to support the work of the APG.
The AAPG will provide inputs
for IAF Technical Committee discussions and resolutions: However, since AAPG
papers are informative and not
designed to offer official guidance, they are not required to
go through the formal TC balloting process. Instead, they
provide information on specific topics to help improve

the added value of accreditation activities.
However, we would not discourage accreditation bodies
or standards developers from
issuing formal guidance in conjunction with APG papers.
The AAPG has already developed a number of draft publications which are currently
being reviewed prior to release,
including the following :
Auditing competence of
QMS certification/registration body auditors and audit
teams.
Accreditation witness
audits.
Process approach based
accreditation audit.
New ideas
We are delighted that IAF
has extended the scope of our
work to include accreditation
practices, and we are working on ideas for new papers to
help enhance the effectiveness
of the accreditation process,
and the value and credibility
of accredited QMS certifications.
We would encourage all accreditation and certification bodies to make use of the guideline papers, and urge auditors
around the world to read them
and benefit from the insights
they provide. And as part of
our continual improvement
ISO INSIDER
ISO 22000 standard for safe

food supply chains
by Roger Frost
September 2005 is ISOs publication target for ISO 22000 1),

the new standard for food safety management systems, which
is intended to ensure that there
are no weak links in food supply chains.
ISO has circulated the final
draft of the standard to the
national standard bodies that
make up its membership for a
two-month voting period, ending on 5 July 2005.
ISO 22000, Food safety management systems Requirements for any organization in
the food chain, can be applied
to organizations ranging from
feed producers, primary producers through food manufacturers, transport and storage
operators and subcontractors to retail and food service
outlets together with interrelated organizations such as
producers of equipment, packaging material, cleaning agents,
additives and ingredients.
As food safety hazards can be

introduced at any stage of the
food chain, adequate control
throughout the food chain is
essential, commented Jacob
Frgemand, convenor of the
ISO working group that is
developing ISO 22000.
Food chain
Thus, food safety is a joint
responsibility that is principally
assured through the combined
efforts of all the parties participating in the food chain.
ISO 22000 specifies the requirements for a food safety management system in the food
chain where an organization
needs to demonstrate its ability to control food safety hazards in order to provide consistently safe end products that
meet both the requirements
agreed with the customer and

those of applicable food safety regulations.
Dorte Jespersen, secretary of
the ISO 22000 working group,
explained the background to
the standard : Organizations
that produce, manufacture,
handle or supply food recognize that customers increasingly want them to demonstrate
and provide adequate evidence
of their ability to identify and
control food safety hazards and
the many conditions impacting
food safety.
The standard can

be applied on its own,
or in combination with
other management system
standards such as
ISO 9001:2000
9001:2000, with or without

independent (third party) certification of conformity.
Complemented
The publication of ISO 22000
will be complemented by an
ISO Technical Specification
(ISO/TS 22004) giving guidance on the implementation
of the standard, with a particular emphasis on small
and medium-sized enterprises. In the following months,
another Technical Specification ((ISO/TS 22003) will be
published explaining certification requirements applicable when third-party certification is used.
These documents are being
developed by working group
WG 8, Food safety management systems, of ISO technical committee ISO/TC 34,
Food products. Experts from
23 countries are participating and organizations with
liaison status include the following: Confederation of the
Food and Drink Industries of
the European Union (CIAA),
Codex Alimentarius Commission, International Hotel and
Restaurant Association, CIES/
Global Food Safety Initiative,
and World Food Safety Organization (WFSO).
Th e g r o w i n g n u m b e r o f
national standards for food
safety management has led
to confusion. Consequently,
there is a need to harmonize
the national standards at an
international level.
The standard can be applied
on its own, or in combination
with other management system standards such as ISO
1) See ISO 22000 to ensure

integrity of food supply chain ,
ISO Management Systems
September-October 2004.
ISO INSIDER
Get me the money !

How quality management systems can
yield financial and economic benefits
by Tommie J. Johansson and Paul C. Palmes
Throughout the development

of ISO 10014, achieving consensus in support of the content and format of Clause 5
Application of the management
principles was our greatest
challenge.
This is the heart of the standard, defining the links between
each of the eight management
Financial concepts and

terminology required some
form of definition for
the quality community
Swedenbased management
consultant
Tommie J.
Johansson
specializes
in quality,
project and competence management, and is convener of the
ISO working group reviewing
ISO 10014.
In this sequel to Show me

the money (ISO Management
Systems March-April 2005),
we look at what it takes to
get the money actually
achieve financial and economic benefits by applying the
eight quality management
principles of ISO 9000:2000
forming the heart of ISO
10014, Quality management
Guidelines for realizing
financial and economic benefits, now at Draft International Standard (DIS) stage.
Guidelines for top

management
Anyone who has participated
in a group of experts writing
International Standards
knows that achieving consensus is challenging. There are
many opinions, cultures, experiences and language differences that have to be factored
into the process. It takes time
to accommodate ideas, comments and technical nuances,
and arrive at a document that
satisfies the majority of the
working group.
He has been involved in

ISO technical work for more
than 10 years, representing
Sweden in ISO/TC 176 since
1993. His participation included
the development of ISO 10015,
Quality management Guidelines for training, and in the
Chairs Strategic Planning Task
Group developing Horizon
2010 .Tommie Johansson is a
member of Swedish Standards
Institute (SIS) and represents
the Swiss foundation, Centre for
Socio-Eco-Nomic Development
(CSEND) in Sweden.
Tel. + 46 70 593 6940.
principles and tools specific to

each principle to achieve
financial return. However,
obstacles emerged from the
moment the initial list of
accepted business tools and
reporting formats was developed.
As most of these tools are not
found in quality texts, the
financial concepts and terminology required some form of
Paul C.
Palmes is
the project
secretary
and US Lead
delegate for
the development of the
ISO 10014 guideline, Vice Chair
of the US TC 176, and Quality
Assurance Director for Northern
Pipe Products Inc. in Fargo,
North Dakota, USA. He has been
a Certified Quality Manager and
member of the American
Society for Quality (ASQ) since
1992. His new book, Process
Driven Comprehensive Auditing
(ISBN 0-87389-641-6) was
recently published by ASQ Press
(http://qualitypress.asq.org/).
Paul Palmes is also a member
of the Steering Committee of
the Open Compliance and Ethics
Group (OCEG) participating in
the development of ethical systems design and management.
He represents the US TC 176 on
the Quality Board of the ANSIASQ National Accreditation
Board (ANAB), the US accreditation
body for management systems,
and as liaison to the International
Accreditation Forum (IAF).
E-mail tommie@sighard.com
Tel. + 1 701 282 7655.
Web www.sighard.com
E-mail paulp@northernpipe.com
ISO INSIDER
definition for the quality community. Many of these financial tools resisted application
to a single quality principle or
function.
Several share similar features,
but have significantly different investment requirements.
Some are identical, but have
different names in different
countries.
Clause 5 addresses these obstacles by listing the most appropriate financial tools and
reports beneath each management principle. Early drafts
struggled with what goes
where and whether the repeatability of a particular tool warranted an expanded definition
in a separate annex.
Realizing financial and

economic benefits
ISO 9000:2000 describes the
fundamentals of a quality management system and identifies
the following eight quality man-
agement principles (QMP)

shown with the relevant subclauses of ISO 10014 to be
used by top management in
order to lead the organization
towards improved performance :
1. 5.1 Customer focus
2. 5.2 Leadership
3. 5.3 Involvement of people
4. 5.4 Process approach
5. 5.5 System approach to
management
6. 5.6 Continual improvement
7. 5.7 Factual approach to
decision making
8. 5.8 Mutually beneficial
supplier relationships
Adoption of these principles as
guiding stars is a strategic top
management decision that will
help create an environment
where people are fully involved
and where a quality-directed
management system can operate effectively. The ISO 10014
guidelines explore the QMP

from a financial and economic
perspective. Using tools listed
under each principle, the quality professional can develop a
plan of action in which top management can expect to achieve
a specific financial result.
ISO 10014 will help top managers improve business decisions
by elaborating on each principle relative to achievable financial and economic benefits,
based on the availability of reliable and usable information.
In doing so, the guidelines will
enable quality professionals to
recognize the link between quality improvement and achievable financial benefits and help
them contribute to discussions
concerning methods and tools
that define what it takes to get
me the money !
These are a mixture of economic and quality disciplines,
designed to reconcile any differences between top manag-
Figure 1: the Plan-Do-Check-Act cycle

PLAN
DO
CHECK
ACT
Market
appraisal
Product
realization
Assessment
Improvement
Customer feedback analysis
Advanced Product Quality

Planning (APQP)
Customer Relationship
Management (CRM)
Market surveys and analysis
Strategic planning
Strengths, Weaknesses, Opportunities, Threats (SWOT)
Customer
requirements
identification
Quality Function Deployment
(QFD)
Service agreements
Bottleneck management
Electronic Data Interchange
(EDI)
Materials Requirement
Planning (MRP)
(See Annex A)
Balanced Scorecard (BSC)
Increased efficiency
Benchmarking
Improved effectiveness
Dashboard
Improved performance
in processes, activities and
products
Design of Experiments
(DOE)
Trend analysis
Product Part Approval

Process (PPAP)
Customer feedback measurement
Call centres
Customer Relationship Management (CRM)
Customer satisfaction surveys
Help desks
Response and complaints handling
CONTINUAL IMPROVEMENT CYCLE

(See Sub-clause 5.6)
New/rened objectives
Recognition and reward
ers and quality professionals.

More than 70 are briefly
explained in Annex C of the
guidelines, and once you have
identified the specific tools to
use in your organization, you
can easily find more detailed
descriptions on the market.
Self-assessment
A unique self-assessment tool,
developed specially for ISO
10014, is an integral part of
Annex A. In the form of a questionnaire, it comprises three
questions per principle in a
condensed version, plus a
detailed 68-question version
for a more comprehensive evaluation, scored on a scale of 1
to 5, to assess an organizations
level of maturity.
The self-assessment process is
designed to help identify the
priority areas for improvement
and to indicate methods and
tools to realize benefits. An
important link between the
self-assessment findings and
achievable benefits is cross-referenced in Annex B, to assist
top management rank and prioritize actions.
Here are examples of how the
guidelines elaborate on two of
the key principles, Customer
focus and Continual improvement :
Customer focus
Clause 5 examines each of the
management principles and
describes the financial and economic benefits that can be
achieved by applying them.
Once you have identified and
prioritized the principle
improvement actions to be taken, the next step is to identify
ISO INSIDER
the processes to achieve such

benefits. The aim is to find guidance concerning the management methods and tools available. As an example, the first
principle of ISO 9000:2000
Customer focus states:
Organizations depend on their
customers and therefore should
understand current and future
customer needs, should meet
customer requirements and
strive to exceed customer expectations.
The core section of ISO 10014
utilizes a combination of the
quality management principles
and the Plan-Do-Check-Act
cycle (P-D-C-A), reflected in
flowcharts found in sub-clauses 5.1 to 5.8, two of which are
illustrated here (see Figures 1
and 2).
Each sub-clause describes
some key benefits (under ACT)
that can be achieved by applying the principles via selected
methods and tools. Examples
are shown under the P, D and

C columns.
Continual improvement
Sub-clause 5.6 Continual
improvement illustrates how
the P-D-C-A approach can be
applied effectively by top managers in their strategic planning and review processes to
realize, and enhance, benefits
to the bottom line.
Continual improvement of the
organizations overall performance should be a permanent
objective of the organization.
(ISO 9000:2000)
An effective continual improvement process is the key to maintaining financial and economic
benefits, but top managers must
commit themselves to applying all eight interrelated management principles. Benefits
from using the methods and
tools identified in Clause 5
show up as continual improvements that add value.
Nevertheless, it is important to
take a holistic view of the needs
of all interested parties to
ensure an organization is capable of effecting the sort of
changes that lead to continual
improvement.
by Germn Lombana
Working towards
a common goal
ISO 10014 was written to define
the common ground and a common language between top
management and quality professionals. Both levels need to
achieve positive financial return
for their work, but often struggle to understand each others
perspectives, terminology and
reports. The success of ISO
10014 will be measured by how
far they succeed in communicating and working together
towards a common goal.
Figure 2: The continual improvement process

Sources of opportunities
for improvement plans
Customer feedback
Financial performance
Self-assessment results
Audit results
Yield
Value of goods and services
Human resources
Appraisal
Satisfaction feedback
Suggestions
Recommendations for improvement
Problem solving (corrective action)
External factors
Regulatory
Emerging technologies
Changes in the marketplace
Environmental/social
Guidance on
the role of QMS
in product
certification
Process steps
Review of action
INPUTS
Data analysis
Trend identification
Self-assessments
Results evaluation
Identication of action items
Prioritisation
Set and cascade objectives
Application of all principles and
selected tools
Action plan development
Allocation of resources
Re-conducting self-assessment
and evaluations
Projected sales
Budget allocations
Performance target levels
Strategic plan
Cost reduction targets
Cash flow
Capital
expenditure
OUTPUT
The role of a quality management system (QMS) in relation

to product certification is clarified in the updated ISO/IEC
Guide 53, Conformity assessment Guidance on the use of
an organizations quality management system in product certification 1). It provides guidance for product certification
1) ISO/IEC Guide 53:2005(E),
Conformity assessment Guidance
on the use of an organizations
quality management system in
product certification, 21 pages,
English only, costs 99 Swiss francs
and is available from ISO national
member institutes (listed with
contact details on the ISO Web
site : www.iso.org) and from ISO
Central Secretariat (sales@iso.org)
Implemented actions = FINANCIAL & ECONOMIC BENEFITS

ISO INSIDER
and regulatory bodies when

assessing product conformity when the supplier operates
a QMS :
ISO/IEC Guide 53:2005, the
first revision since it was introduced in 1988, has been four
years in preparation by ISO/
CASCO, Committee on conformity assessment, Working
Group WG 26.
Although initially a terminology revision, it now reflects
the many changes that have
taken place in QMS and conformity assessment requirements, and also the functional
approach established in ISO/
Product certification schemes

incorporating an organizations
quality management system
can be beneficial for both the
organization and the certification body in determining
the conformity of products to
specified requirements and in
assuring that products continue to conform to those requirements, states the introduction
to the guide.
Product certification
schemes incorporating
an organizations quality
management system
can be beneficial
This is consistent with ISO
9001:2000 which specifies
requirements for a QMS where
an organization :
Germn Lombana is a quality

management system lead auditor
with ICONTEC, the national
standards body of Colombia,
which he has represented on
the, ISO/TC 176 and ISO/CASCO
committees, and convenor of
the CASCO Working Group WG 26,
responsible for reviewing and
updating ISO/IEC Guide 53.
Instituto Colombiano de Normas
Tcnicas /ICONTEC), Carrera 37
No. 52-95, Bogota D.C., Colombia.
Tel. + 57 1 607 8888.
Fax + 57 1 222 1435.
E-mail glombana@icontec.org.co
Web www.icontec.org.co
In addition to outlining steps in

the scheme selection, determination, review and attestation, and surveillance, the
guide provides actual examples of data forms for product certification schemes that
use either very few, or many,
requirements of a QMS. In
questionnaire format, these are
intended to provide a certification body with information
about the organizations QMS,
competence and implementation responsibilities.
IEC 17000:2004, Conformity

assessment Vocabulary and
general principles.
1. needs to demonstrate its ability to consistently provide

product that meets customer and applicable regulatory requirements, and
2. aims to enhance customer
satisfaction through the
effective application of the
system, including processes
for continual improvement
of the system and the assurance of conformity to customer and applicable regulatory requirements.
Scope
In scope, Guide 53 outlines
a general approach by which
certification bodies can develop and apply product certification schemes utilizing the
requirements of an organizations QMS, and involves the

following principles :
assessment of an organizations QMS and its capability to consistently supply products conforming to
specified requirements ;
testing, inspection or comparable verification of the
products conformity to
scheme criteria and specified requirements :
application of a suitable
surveillance scheme to
ensure continual conformity to specified requirements of products supplied
by the organization, and
control of the mark of conformity and/or logo of the
certification body.
The guide requires those interested in using it in developing
product certification schemes to
be familiar with ISO 9001:2000,
and with the more general
certification and surveillance
provisions in ISO/IEC Guide
67:2004, Conformity assessment
Fundamentals of product certification.
D, E and H modules of European Directive 93/465/CEE

and some IEC modules are
examples of product conformity assessment schemes that
include QMS requirements.
Benefits
ISO/IEC Guide 53:2005 is
intended to make product
supplier organizations aware
of the benefits of access to
product conformity assessment
schemes offered by certification bodies, which include verification of QMS requirements.
This can lead to increased confidence in fulfilling product
requirements, and to reduced
risks related to certification.
Simplification of some stages
of product conformity assessment can also yield corresponding reductions in cost
and time.
In certification of services,
there is still much to
accomplish
Guide 53 is based on the
assumption that an organization that has implemented a
ISO INSIDER
QMS covering the manufacture or supply of the product

to be certified gains advantage over a company that has
not done so.
New edition of influential ISO/IEC standard on

by Roger Frost
Good alternative
In the certification of services,
there is still much to accomplish, although service certification schemes have been
established that include some
QMS requirements, for example, those related to the competence of personnel providing
the service (see ISO 9001:2000
clause 6.2.2 C o m p e t e n c e,
awareness and training), and
the necessary infrastructure
supporting the service (clause
6.3 Infrastructure), among
others.
Some national service standards have been established
following this approach in
sectors such as tourism, dangerous goods transportation,
moving, and cleaning. However, establishment of QMS
requirements based on ISO
9001:2000 provides a good
alternative for the service
industry, particularly due to
the standards responsiveness
to changing customer needs.
A new edition has just been

published of an ISO/IEC
standard acknowledged as
the international benchmark
for approving the competence
of the testing and calibration
laboratories that play a vital
role in trade, in product development and manufacturing,
and in protection of the consumer.
ISO/IEC 17025:2005, General
requirements for the competence of testing and calibration
laboratories, replaces the 1999
edition which has been used
to accredit (approve) some
25 000 laboratories worldwide
that test products and samples, and calibrate precision
instruments.
Confidence in the
is frequently needed
by businesses and by
government regulators and
trade officials
However, the influence of
ISO/IEC 17025 is even greater
than this figure suggests since
many countries make its use
a legal requirement. In addition, documents derived from
it are used by laboratories in
specific sectors such as medicine and microbiology.
ISO Secretary-General Alan
Bryden commented : ISO/
IEC 17025 benefits business,
government and society at

large. Confidence in the competence of laboratories is frequently needed by businesses
when testing new products, or
ensuring that finished products
are fit for sale, by government
regulators and trade officials
that require assurance about
domestic or imported products before they can be placed
on the market, or for ensuring
the quality and reliability of
testing and analysis relating to
environmental, health or safety hazards.
ISO/IEC 17025:2005 contains
all of the requirements that
testing and calibration laboratories need to meet in order to
demonstrate to customers and
ISO INSIDER
regulators that they operate

a sound management system
which puts them in full control
of their processes, are technically competent, and are able
to generate technically valid
results. Accreditation bodies
that recognize the competence
of testing and calibration laboratories will use the standard
as the basis for their accreditation.
Worldwide
Dependable testing and calibration laboratories are ones
that have been duly accredited as competent and ISO/
IEC 17025:2005 is the laboratory accreditation standard
that, like the edition it replaces, will be counted on by business and governments worldwide, declared Peter van de
Leemput, who led the ISO
group of experts that carried
out the work.
The new, 2005 edition results
from the amendment of ISO/
IEC 17025:1999 to ensure its
compatibility with the requirements of ISO 9001:2000, Quality management systems
Requirements. This became
necessary because of the generalized adoption of quality
management systems conforming to ISO 9001:2000, including
many of the organizations that
testing and calibration laboratories serve.
It also seeks to clarify that
while compatible, the two
standards are not inter-changeable. Although both standards
can be used by laboratories as a
framework for providing their
customers with confidence that
they are managing their activities, only ISO/IEC 17025 can

be used to demonstrate the
technical competence specific to laboratories.
ments to make to their existing procedures to ensure that

the new orientations in the
management requirements are
fulfilled.
Laboratories may choose to

be accredited to ISO/IEC
17025, or be certified to ISO
9001:2000, or both, but the
processes of accreditation
and certification would still be
two separate actions, although
highly facilitated both for
the laboratories and the assessors by the consistency now
ensured between the two
standards.
The International Laboratory Accreditation Cooperation (ILAC) has set a transition period of two years from
date of publication of the new
edition 12 May 2005 for
accredited laboratories to comply with the standards requirements.
There are no essential changes to the technical requirements. The modifications relate
mainly to the management
requirements in the document
to reflect the content of ISO
9001:2000, especially in a greater emphasis on the responsibilities of top management,
on the need to demonstrate
a commitment to continually
improve the effectiveness of
the management system, on
customer satisfaction, and on
internal and customer communication about the management system.
ISO/IEC 17025
will be counted on by
business and governments
worldwide
Peter van de Leemput summed

up: Laboratories that have
described and controlled their
processes within the laboratory as already required by the
1999 edition of ISO/IEC 17025
will only have minor adjust-
ISO/IEC 17025:2005, General

requirements for the competence of testing and calibration laboratories, costs 112
Swiss francs and is available
from ISO national member
institutes (complete list with
contact details available on
the ISO Web site: www.iso.
org) and from ISO Central
Secretariat (sales@iso.org).
It was developed by Working Group 25 of ISO/CASCO, Committee on conformity assessment.
INTERNATIONAL
Survey compares experience

of ISO 14001 users in United Kingdom
and China
Nothing beats the test of experience. A recent survey compares the experience of ISO 14001 users in the United Kingdom and in China, and of
users compared to non-users. Its author concludes that ISO 14001 can help
an organization make real progress towards sustainable development.
by Timothy Wan
ISO 14001 is generally regarded as the global benchmark

for environmental management systems (EMS). It offers
an opportunity for improved
environmental performance
coupled with tangible business benefits and therein lies
its appeal. More than 74 000 1)
organizations worldwide had
achieved ISO 14001 certification by late 2004, and this
number continues to grow at
over 30 % per annum.
However, some critics believe
that ISO 14001 does no more
than facilitate compliance with
environmental regulations, and
can impose significant implementation costs. What do companies really think ?
The research studied

44 large engineering
companies in the United
Kingdom and China
Following are key findings of

a multi-company survey I conducted in 2004 (see box) to
support or refute those opinions. Its main purpose was to
assess the ability of ISO 14001
to improve the environmental performance management
of organizations. The research
studied 44 large engineering
companies with a turnover
exceeding 40 million euros per
year, divided equally in sample
size between the United Kingdom and China. In each case,

half of the companies were
ISO 14001-certified, and half
uncertified.
The objective was to compare their ability to set goals,
measure and review environmental performance, and
examine the actual environmental improvements they
had achieved. Responses are
reported under the key questions asked.
Th e r e a s o n f o r c h o o s i n g
to compare environmental
performance management
between companies in the
United Kingdom and China,
INTERNATIONAL
particularly in assessing the

effect of political and geographical differences on ISO
14001 implementation, was
the fact that these two countries were ranked second and
third respectively in ISO 14001
certifications, behind Japan, in
The ISO Survey 2003 2).
My findings indicated that
organizations from both countries experienced positive
results in managing environmental performance, with four
important differences.
Greatest threat
Firstly, Chinese organizations
set a higher priority on reducing the impacts of pollution
and waste generation (see
Figure 1). Given the dramatic rate of urban and economic development in China, it is
not surprising that these are
the two key issues on the governments environmental agenda. This is increasingly apparent in the run up to the 2008
Olympic Games, particularly for organizations based in
Chinas major cities.
Secondly, many Chinese companies had no environmental
policy before implementing
1) According to statistics collected

by Reinhard Peglau of the Federal
Environmental Agency, Germany,
74 004 organizations had been
certified in accordance with ISO
14001 by October 2004.
2) The ISO Survey of ISO
9001:2000 and ISO 14001 Certificates 2003 (ISBN 92-67-10393-7)
is available as a combined report
and CD-ROM at a cost of 47
Swiss francs from ISO (www.iso.
org). The principal findings are
available free of charge on the
ISO Web site.
Others
Waste
generation
29
20
United Kingdom
14
60
Resource
scarcity
29
20
Prosecution
29
20
Pollution
29
China
60
Figure 1 : What is the greatest environmental threat to your

organization?
their ISO 14001 certification
programmes and were only
able to comply with environmental regulations after implementation. In contrast, most
United Kingdom-based firms
sought improvements beyond
compliance.
Thirdly, Chinese companies
expected ISO 14001 to enhance
innovation and marketing, rather than reduce cost, while the
British enterprises found the
cost-saving element more significant as their environmental
management improved.
These findings say much about
the adaptability of ISO 14001
ability to different organizations. Many Chinese organizations used the standard as
a means to develop an EMS
or environmental policy from
scratch. However, their environmental awareness, environmental performance, and
management started from a
lower level than in most developed nations. Few Chinese
companies had the management resources or managerial
training to establish an EMS
until recently, in contrast to
companies in most developed
nations.
Exceeding requirements
Fourthly, a higher percentage
of Chinese companies claimed
they could obtain the same
environmental improvements
without ISO 14001 (see Figure 2). There are two possible
explanations. In the first place,
many Chinese companies form
part of a supply chain to multi-national organizations that
already have a stringent EMS
in place, and are expected to
apply best environmental practice to meet customer requirements, regardless of being ISO
14001-certified or not. A similar trend can be seen in other
labour-intensive countries such
as Vietnam and Mexico.
United Kingdom
China
Hard to say
43
Yes
57
20
%
80
Figure 2 : Are you doing anything more than that required

by ISO 14001 to improve environmental performance or sustainability?
In the second place, expectations of auditors and certification bodies in China may be
lower than those in the United Kingdom. This finding could
indicate that the average level of environmental performance management constantly
evolves as a result of continual improvement.
The United Kingdom

and China were ranked 2nd
and 3rd respectively in
ISO 14001 certifications
in The ISO Survey 2003
Nevertheless, most of my
research findings indicate that
geographical location has little effect on ISO 14001 implementation, and on training and
auditing activities.
Opportunities
Overall, the findings indicated
superior environmental performance management from
the ISO 14001-certified organizations. In terms of goal setting,
uncertified companies tended to direct corporate policies
towards compliance alone. They
saw little real business opportunity from environmental
changes apart from the greenwashing effect, and considered
environmental issues irrelevant
to their future and profitability. Those who had implemented ISO 14001 said the opposite
(see Figure 3, overleaf)
Certified companies identified
environmental aspects that were
relevant to their future operations, tended to stay ahead of
regulatory requirements and
found more innovative and
INTERNATIONAL
Non-ISO 14001 organizations
ISO 14001 organizations
75
Improved publicity
17
0
Reduced
costs
33
New business
opportunities
0
42
50
58
0
10
20
30
Innovation
40
50
60
70
80
Figure 3 : What opportunities do

environmental changes present
to your organization ?
Certified companies also benefited from having both internal and external environmental auditing which increased
the reliability and transparency of the exercise. Evidence
of continual improvement
was reported in 75 % of certified companies, but in none
of the uncertified respondents.
This contrast in commitment
reflects the stronger drive of
the ISO 14001 review process, with its central concept of
improvement.
It should be noted that 50 %

of the non-certified organizations failed to respond fully to
the survey, and therefore the
above analysis contains some
degree of uncertainty. However, the significant difference in response between the
two groups reflects a greater
willingness of certified companies to disclose environmental
information. This runs contrary
to some scepticism about the
transparency of an ISO 14001based EMS.
profitable ways of doing business.

Both certified and uncertified
companies reported improved
levels of environmental performance since 2000. This was
probably driven by environmental legislation and/or pressure from customers. However,
ISO 14001-certified companies showed a greater degree
of improvement as a result of
their commitment to continual
improvement, and a tendency
to exceed ISO 14001 and legislative requirements. Many had
also received awards for outstanding environmental performance.
Measuring performance
ISO 14001-certified companies
often utilize formal performance indicators that are not
evident in uncertified companies, and their environmental
performance suggests a greater ability to measure, evaluate and improve. In addition,
most uncertified organizations
did not carry out environmental or sustainability reporting,
while 80 % of those implementing ISO 14001 did.
About the author and the research

Timothy Wan is currently developing instructor resources
for engineering and sustainability education at the University of Cambridge, United Kingdom, and also at the Massachusetts Institute of Technolog, USA.
The best
ISO 14001 thrives by being
the best and most generic tool
available to improve environmental performance management. It offers a degree of flexibility not seen in its closest
competitor the Eco-Management Audit Scheme (EMAS).
It is adaptable to an existing
environmental management
system, or to companies establish an EMS for the first time.
It provides solid framework for
improving corporate environmental performance.
A possible weakness of ISO
14001 is its non-requirement
for organizations to report
environmental performance
to the public, since the decision to do so or not is left to
the organization.
The survey, conducted as part of his MPhil degree course

at Cambridge, was based on a sample of 44 engineering
companies with an annual turnover of 40 million euros
and more than 250 employees 22 based in China and 22
in the United Kingdom.
Geographical location
has little effect on
ISO 14001 implementation
Half of the companies chosen had been certified to ISO

14001 before 2000, to ensure sufficient time for the impact
of implementation to be measured. The remaining companies were not certified, but were required to have an environmental policy or an environmental statement in their
corporate policy in effect before 2000.
By closing this loophole and

adopting complementary tools
for managing occupational
health and safety and social
responsibility issues, ISO 14001
can help an organization manage its financial, environmental and social responsibilities
simultaneously, thus making
real progress towards sustainable development.
The author wishes to thank Professor Peter Guthrie and Dr.

Richard Fenner of the Cambridge Centre for Sustainable
Development for their continued support during preparation and completion of the research programme.
Timothy Y.M. Wan, Research Executive, Cambridge University
Engineering Department, Trumpington Street, Cambridge
CB2 1PZ, United Kingdom.
Tel. + 44 (0)1223 330266.
E-mail tymwan@gmail.com
Web www-g.eng.cam.ac.uk/sustdev/people.html
INTERNATIONAL
Overcoming language and

literacy barriers to ISO 9001:2000
implementation
ISO 9001:2000 quality management systems are documented. What happens
when the organizations work force is more at home in a minority language
than in the one used in the QMS and is anyway semi-literate ? This case
study reports how Indian agricultural pesticide manufacturer Hyderabad
Chemical Supplies overcame the challenges and achieved impressive
results.
by Sambasiva Rao Choda
Author Sambasiva Rao Choda,

CEO of Choda Leadership Centre,
Hyderabad, India, is a qualified
Lead ISO 9000 and ISO 14000
auditor and associate of National
Quality Assurance Ltd. (NQA).
He has published over 100 articles
on quality management principles, and has trained executives
in quality matters throughout
India, and in Europe.
Choda Leadership Centre, Hyderabad,
India.
Tel. + 91 98 480 21382.
E-mail choda_centre@hotmail.com
While infrastructure and technology are essential tools, it

is quality control that provides the cutting edge, states
Hyderabad Chemical Supplies
1)
Ltd. (HCSL) , a pioneer in the
manufacture of pesticides in
India, meeting the plant protection needs of thousands of
farmers throughout the subcontinent.
HCSL was certified to ISO
9001:2000 in April 2003. However, the implementation process was particularly challenging because the key to gaining
the involvement of employees
at all levels turned on two critical factors language and
literacy.
An essential principle of the
Choda QMS Methodology ,
developed by the Choda Lead-
1) Hyderabad Chemical Supplies

Ltd, A-24/25 Assisted Industrial
Estate, Balanagar, Hyderabad
500037, India.
Tel. + 91 40 377 2651.
Fax + 91 40 377 2595.
INTERNATIONAL
Establishing a core group

While I highlight this as an unusual feature of the QMS programme at HCSL, the implementation process started
earlier with the establishment
of a core group of fi ve functional executives to review gaps
in the existing quality system
when compared with ISO 9001:
2000 requirements.
An essential principle is to
ensure that all employees
feel a sense of ownership
in the QMS
They then formulated the

quality policy which states, as
its guiding mission : We are
committed to manufacture and
market quality plant protection chemicals in a cost effective manner for the delight of
the customer.
QMS documentation was
developed in line with ISO
9001:2000 elements, customer needs, and with statutory,
regulatory, organizational
and chemical sector specific
requirements. The procedures
were then adapted and simp l i fied for routine use as
described.
Office premises of Hyderabad Chemical Supplies Ltd.

ership Centre, Hyderabad,
which we apply in helping
companies implement ISO
9001:2000, is to ensure that
all employees feel a sense of
ownership in the quality management system (QMS). That
can only be achieved by their
gaining a full understanding
of the system and its documentation.
When training employees,
we find that if the consultant
involves them closely in preparing documentation and
in the implementation and
improvement processes, the
system then becomes integrated with the working routine
and the business results flow
accordingly.
Packing, sealing and printing

of plant protection chemicals at
HCSLs ISO 9001:2000 plant in
Hyderabad, India.
Translation
In the case of HCSL, there
were obstacles to overcome
before this could be achieved.
Many employees find English
difficult to understand, particularly in sentences and paragraphs. ISO 9001:2000 documentation was seen as the
foundation of the QMS but
not as the foundation of a
course to learn English.
So, with the help of consultants Mrs. Madhavi and Mrs.
Raghu Jyothi, of the Professional Quality Management
Centre (PQMC), Hyderabad,
the system work instructions
were re-written in simplified
English, supported by translation into the local Telegu language, and by pictorial representation where feasible.
The result of this effort was a
work force that became highly
motivated to implement the
ISO 9001:2000-based QMS
culminating in many benefits
to the company.
The core group was exposed to

ISO 9001:2000 principles and
elements, and their application
to the plant protection chemical industry : good manufacturing and laboratory practices ;
health and hygiene policies ;
safety methods and environmental controls ; control of
product labels, and specific
requirements for the export
of chemicals.
Mr. Simhachalam, Works Manager,

testing PPC.
Around 500 Standard Operating Procedures (SOPs)
have been formulated to cover all operations, organizational goals and ISO 9001:2000
requirements, cross-referenced
in the department manuals and
quality system procedures.
We conducted the first internal audit three months into
INTERNATIONAL
A production
supervisor monitors
process
parameters on
the HCSL
production line.
Work instructions were

re-written in simplified
English, supported by
translation into the local
language, and by pictorial
representation
implementation of the updated QMS and completed corrective actions to improve the
system. Two consultancy audits
followed, focusing on employee
awareness of the QMS, and the
effectiveness of the implemented system. This analysis
led to further corrective
actions. Such was the thoroughness of these audits that
only few minor nonconformities were found in final assessment and certification.
Monitoring QMS
performance
HCSL set a number of parameters for measuring the effect of
its QMS. These included :
increases in turnover and
yield,
customer satisfaction,
vendor performance,
employee satisfaction,
reduction of waste including
solvent losses in storage
tanks,
inventory reduction,
training of employees,
container reject rate reduced

from 4 % to 0,4 %, and
Karshaka Shaya Vani initiative introduced providing 24-hour online advice
to farmers about crop management.
The percentage of on-time

deliveries has increased
from 85 % to 99,9 %
An operator
transports liquid
solvents to
store at HCSLs
corporate
headquarters.
To summarize, I believe quality training, documentation

adapted and interpreted by the
organization, plus the enthu-
Impressive benefits
In the two years since ISO
9001:2000 certification, HCSL
has seen some impressive benefits. Customer complaints have
fallen dramatically from ten
to one per month, while the
percentage of on-time deliveries has increased from 85 %
to 99,9 %.
Equipment downtime has
dropped from 5 % to only
0,1 %, linked with a reduction
in process losses from 10 % to
1 % despite an increase in the
number of product introductions. And during the period
annual turnover has increased
from USD 10 million to USD
44 million, without adding
manpower.
development and marketing

of new chemicals,
improvements in each area/
process,
increase in market share,
and
financial results.
In the two years since

ISO 9001:2000 certification,
HCSL has seen some
impressive benefits
Additional measures and

improvements achieved
since QMS implementation
include :
solvent storage levels
reduced from 3,5 % to
1,23 %;
laminated film wastage in
granular formulation plant
reduced from 5 % to 1 % ;
zero variation achieved
between physical stock levels
and recorded stock levels ;
siastic involvement and clear

understanding of all employees in the ISO 9001:2000 implementation process can bring
excellent business results to
an organization. HCSL is an
outstanding example of what
can be achieved,
INTERNATIONAL
Santander Serfin takes ISO 14001

lead in Mexican banking sector
Mexican bank Santander Serfin has taken the lead in its sector, responding
to top-of-the-agenda governmental and public concerns about the environment by becoming the first banking institution in the country to
implement ISO 14001.
by Sandra Villanueva and

Fernanda Zubizarreta
Co-authors Sandra Villanueva
(left), Media Supervisor, and
Fernanda Zubizarreta (right),
Marketing Manager,
of AENORMexico, which certified
Santander Servin to ISO 14001.
AENORMexico, Presidente Masaryk
473-3, Colonia Polanco, M-11510
Mexico DF.
Tel. + 525 55 280 77 55.
Fax + 525 55 280 78 80.
E-mail aenormexico@aenormexico.com
Web www.aenormexico.com
Today, sustainability issues are

becoming generalized, nonnegotiable demands of the
general public. In the business
world, sustainability extends
to social, economic and environmental responsibility. And
regardless of the sector in
which a company operates,
social responsibility implies
a commitment to reducing its
impact on the environment.
One company that has taken
the lead in its sector by demonstrating such a commitment is
Santander Serfin, a member of
Grupo Santander and the first
banking institution in Mexico
to implement an ISO 14001based environmental management system (EMS).
Santander Serfin is headquartered in Mexico City, a metropolis of almost 24 million inhabitants. Environmental pollution
is one of the citys biggest problems, exacerbated by its location in a valley 2 240 metres
above sea level.
environmental impact, including the Hoy No Circula (No

Driving Today) scheme banning 10+ year old vehicles one
day a week, encouraging more
cycling, and promoting environmental certification of public and private companies.
Pollutants from human and

industrial activity and emissions from millions of vehicles disperse slowly. The
problem is further aggravated by intense solar
radiation at that altitude
which provokes the rapid
formation of ozone and
secondary particles.
Regulations now require all

industrial companies producing hazardous waste to certify
Taking up the challenge

Reducing pollution is top
of the governmental, corporate and social agendas
in Mexico. Various initiatives have been taken in
the capital city to reduce
(Left to right) Enrique

Mondragn and Edmundo
Prez Toledo, ISO 14001
team managers at
Santander Serfin,
display the EMS
certification awards.
INTERNATIONAL
and energy, the generation

of waste in its many forms
and the distribution of products and services, until the
moment comes when they
used by the consumer and
then discarded.
This prompted Jos Rodrguez
Ziga, Maintenance Manager
at Santander Serfin, to ask :
What is the actual impact we
cause on the environment as a
banking institution ?
Santander Serfins ISO 14001-certified Santa Fe Corporate Centre building in Mexico City 1).
their waste collection, handling
and elimination systems. However, there is less obligation on
service companies to reduce
the emission of pollutants or
consumption of non-renewable materials. Instead, they are
expected to take action voluntarily in the context of social
responsibility. Santander Serfin
was the first financial institution in Mexico to take up the
challenge.
Reducing pollution
is top of the governmental,
corporate and social
agendas in Mexico
The company, together with
Grupo Santander, decided to
implement an EMS as part of
its Corporate Social Responsibility and Environmental Pol-
1) Banco Santander Serfin,

Prolongacin Paseo de la
Reforma #500,
Col. Lomas de Santa Fe,
Mxico, D.F. C.P. 01219.
Tel. + 525 55 257 80 00 ext. 46177.
Fax + 525 55 257 80 00 ext. 46174.
E-mail edmperez@santander.com.mx
Web www.santander-serfin.com
icy Plan. The objective was to

integrate environmental protection with strategy and management, and achieve ISO
14001 certification.
In December 2004, after more
than a years work, AENOR
certified the administration,
management and maintenance
of Santander Serfins Santa Fe
Corporate Centre building in
accordance with ISO 14001.
Environmentally smart
Constructed in 1994 and housing some 1 800 employees, the
companys corporate centre
was designed as an environmentally smart building from
the outset. This in itself was a
good starting point for staff
members directly involved in
the implementation and certification process. However, further measures were required
to reduce the environmental
impact still more.
According to the ISO 14001
approach, all business activity involves the possibility
of generating environmental impacts, such as the consumption of raw materials
Reduction of water, paper

and electrical consumption
largely depends on
the awareness of the
employees
According to Gerardo Martnez Ruiz, Services Manager, the impacts identified were
translated into key objectives
reduction in the consumption
of non-renewable resources
such as energy, water, paper,
and controlled management
of toxic waste and hazardous
residues.
Once we were aware of the
impact of the bank on the environment, said Carlos Silva
Hernndez, Legal Manager,
the next step was to adapt
the requirements of ISO 14001
and applicable legislation to a
banking institution.
In doing so, the organization
realised that many of the processes had already been implemented, but had not been put
into writing, and that implementation of ISO 14001 would
help to bring the pieces together.
Teamwork gets the credit

For a successful implementation
of ISO 14001, all departments
of the organization should
become involved in the process to ensure that the EMS is
correctly applied and functions
properly. This extends to the
interaction between the building and the personnel that work
in it. That is an integral part of
environmental management.
In the case of Santander Serfin,
architect Edmundo Prez Toledo,
Vice Manager of Real Estate and
Head of the Banks Environmental Committee, credits the companys successful EMS implementation to the work of many
of its departments. The following
departments, in particular, continue to participate actively :
Legal
In charge of adapting the existing legislation and standards, to
comply with the banks established provisions and objectives, and to ensure that the
system is kept up to date.
Quality
Responsible for implementing
the EMS and monitoring the
system by coordinating internal audits.
Maintenance
In charge of maintaining the
buildings equipment in good
condition to reduce polluting
emissions. Also responsible
for installing devices to reduce
the consumption of water and
electricity.
Services
Responsible for managing
the buildings non-renewable
resources, such as water, electricity and paper.
INTERNATIONAL
Security and Civil Protection

This department implements
emergency plans as required
by ISO 14001 (4.4.7 Emergency preparedness and response),
covering actions taken by
employees before and after
an emergency, and reducing
environmental impacts by eliminating risks such as excessive
accumulation of paper, cleaning
products and used batteries.
Corporate Security Manager
Julio Cesar Gonzlez Loera
explains that special containers
have been designated to store
the smallest possible quantities
of hazardous materials, such as
used batteries or empty ink cartridges. These can also be used
by employees to dispose of similar household waste.
Medical Service
The Medical Service collaborates by coordinating the
handling and elimination of
medicines, infectious biological waste and sharp medical
implements, outsourced to a
specialized company.
Economic advantages
Although the main objective of
implementing ISO 14001 was
to reduce the companys environmental impact, Santander
Serfin has achieved economic
advantages as well.
In 2004, the year of implementation, the corporation reduced
consumption of photocopy
paper by 60 %, energy use by
38 % and water by almost 5
%. These savings have been
reflected in the lower cost of
these services.
How was it done?

The bank purchased photocopying machines that use recycled
paper and made employees
more aware of the indiscriminate felling of trees for papermaking. These were key elements in dramatically reducing
paper consumption.
Although the building always
had water-saving toilet facilities, a rainwater collection
system and its own internal
water treatment plant, employees made bigger efforts to

save water as a result of EMS
awareness.
Reduced electricity consumption was achieved by better
time control of the air-conditioning and lighting equipment,
and by installing sensors.
Awareness was the key

The successful implementation
and operation of Santander
Serfins ISO 14001-based EMS
owes much to the participation of all 1 800 employees
at the Santa Fe Corporate
Centre building. Meetings to
explain how the EMS functions emphasized the fact that
the banks environmental policies and objectives would only
be realized if every employee
collaborated.
Certification was an achievement for everyone. Employees took up the challenge with
enthusiasm, and that is the reason for our success, explained
Araceli Paz Gamero and Diana
Vargas Romero, Quality Managers.

The reduction in the consumption of water, paper and electrical energy largely depends on
the environmental awareness
of the employees. They were
really committed to the cause
because it is a noble issue and
something one can achieve at
home too, says Violeta Caro
del Castillo, Vice-Manager of
Corporate Communication.
Sowing the seeds

Mexico has been making
great strides in environmental
issues, and even though there
is still a long way to go, Grupo
Santander has participated as
part of its social responsibility programme. This first seed
will create awareness in neighbouring companies and this is
important since it needs a collective, not individual, effort if
we are to have a better country in which to live, concludes
Carlos Silva Hernndez.
Training
Provides training for all company personnel and supplier
company staff, tailored to their
particular EMS activity.
Communication
Disseminates EMS information through the Intranet to
all who work in the building
and reinforces the message via
a monthly magazine and regular campaigns.
Human Resources
Coordinates the participation
of all head office employees
in the EMS.
It was all
about team
work : the
ISO-14001
implementation
team at
Santander
Serfin proudly
display their
certificate.
SPRING cultivates harvest

of standards for Singapores
service-rich economy
With the service sector contributing 62 % of Singapores gross domestic
product (GDP) and 77 % of employment, the Singapore Government
places great emphasis on the development of standards for services. A first
in this field will be the Singapore Standards on Exhibition Terminology.
by Lim Lee Fang

Lim Lee Fang is a manager with
the Standardization Department
of SPRING Singapore (Standards,
Productivity and Innovation Board).
E-mail stn@spring.gov.sg
Web www.spring.gov.sg
Web www.standards.org.sg
Ask the man or woman on the

street what standards mean
to them and they may answer
ISO 9000 or ISO 14000 .
Others may mention manufacturing standards that exports
must meet to enter overseas
markets. What the passer-by
may not know is the growing
importance of standards for
the service sector.
Singapore is one of the few
countries in the world pushing for national standards for
the service sector, given the
increasing importance of services to its economy.
SPRING Singapore (Standards, Productivity and Innovation Board), Singapores
national standards body and
champion of small businesses, has been actively identifying and developing standards
for the service sector.
SPRINGs Chief Executive
Loh Khum Yean comments :
With services making up more
than half of economic activity
for nearly all WTO members
and trade in services making
up nearly a quarter of overall global trade, we recognize
its rising potential and importance.

In Singapore, the service sector is a vital engine of growth,
contributing 62 % of our GDP
and 77 % of employment. It is,
therefore, critical to initiate
and develop national standards
for specific service sectors to
address key concerns that may
impede growth.
by ISO and co-sponsored by

the World Trade Organisation
(WTO), on Service standards
for open global markets . And
it has not looked back.
Work commenced on two
national standards for exhibition management services
immediately after the AsiaPacific Regional Seminar in
1998 and shortly after that,
work began on performance
Structured approach
Singapores journey towards
the development of service standards began in 1998
when it hosted the first of four
regional seminars, organized
Singapore has developed the

worlds rst national standard on
exhibition terminology to help
enhance and raise service and
operational standards in the exhibition management industry.
The recent development of a

technical reference on maturity
assessment for e-supply chain
management (eSCM) will benet
enterprises in the logistics industry,
especially in terms of reduction in
costs related to order-tracking and
recovery, logistics, production
management and inventory holding.
standards for property management agents and for the cleaning of commercial premises.
The service sector

contributes 62 % of
Singapores GDP and 77 %
of employment
With the increasing number
of standards for the service
industry, SPRING established
the Services Standards Committee (SSC) in October 2001
to oversee this work under
the national standardization
programme. The SSC led the
development of standards for
services with the following
objectives in mind :
nurture a pro-business environment that encourages
enterprise formation and
growth ;
drive the development
of selected service industries through collaborative
efforts with business associations and stakeholders ;
mittees and working groups,

have been formed to look
into standardization for the
tourism, exhibition, logistics,
environment, financial planning, education, healthcare and
retail services.
increase access to overseas

markets and opportunities.
Typically, these committees

are made up of representatives
from industry associations and
relevant government agencies,
together with selected industry
players. To date, seven service
standards have been developed
and launched.
A total of nine committees,

which comprise technical com-
SPRING Singapore also works

closely with industry associa-
enhance the productivity,

innovation and competitiveness of enterprises ; and
tions to encourage the use of

standards with a high impact
on productivity through our
standards implementation for
productivity (SIP) projects to
increase the competitiveness
of industry in Singapore.
Exhibition management
Today, it is significant that
ISO has decided to develop
an International Standard on
exhibition terminology, using
one of the Singapore standards
as the initial draft.
ISOs Technical Management
Board (TMB) formally accept-
ed Singapores proposal for

such a standard in February
2005. Stephen Tan, Chief Executive of Singapore Exhibition
Services Pte. Ltd., will lead the
working group.
Ten member countries have
indicated their interest in
participating in this new ISO
working group. The 10 nations,
including Singapore, are Canada, China, Japan, France,
Norway, Russian Federation,
South Africa, United Kingdom
and United States of America.
The first working group meeting will be held in Singapore
this year.
Singapores efforts in developing the worlds first national standards on exhibition

services started in 1998 when
ISO announced services as
a new focus area. As exhibition trade shows in Singapore
attract more than 85 000 foreign trade visitors and 27 000
foreign exhibitors each year,
there was great potential for
this industry. With the local
exhibition industry behind it,
SPRING Singapore proposed
to ISO the development of a
new ISO standard on exhibition terminology.
This standard will help enhance
and raise service and operational standards in the exhibition
management industry by reducing uncertainties and ambiguities caused by the different
usage and understanding of
fundamental terms, allowing for
more effective and meaningful
trade show comparisons, and
ensuring industry professionalism and integrity. The International Standard will be a first
crucial step towards facilitating
the development and growth of
this industry worldwide.
Making headway
Besides the exhibition service
standards, Singapore has also
launched service standards in
e-supply chain management,
cleaning services and pest management.
Logistics
Singapores connectivity to
the world enables the quick
exchange of goods, capital,
information and ideas, so
there is a continuous need to
strengthen our logistics infrastructure.
To this end, Singapore has

developed a technical reference on maturity assessment
for e-supply chain management (eSCM) based on the
US Supply Chain Operational Readiness model. The eSCM
assessment programme identifies the potential world-class
eSCM capabilities that companies should adopt. It is a
live and evolving standard
that will incorporate global ebusiness and supply chain best
practices.
To date, seven service

standards have been
developed and launched
The two targeted industry sectors are high-tech manufacturing and logistics. Expected
benefits to the local enterprises include reduction in costs
related to order-tracking and
recovery, logistics, production management and inventory holding.
Cleaning services
The cleaning industry is generally viewed as a domestic
industry with a large pool
of unskilled or semi-skilled
labour. To improve the image
and productivity of the cleani n g i n d u s t r y, t w o n a t i o n al standards using performance-based benchmarks were
launched. One was for commercial premises which incorporated aspects of a NEN (national
standards body of The Netherlands) standard and the other is the first known national standard for the cleaning
performance of public housing estates.
The standard provides better defined and measurable

requirements. This helps spur
cleaning service providers to
improve their quality of service delivery and achieve a
higher standard of cleaning.
With increased automation and
mechanization of the cleaning
equipment, as well as the use
of information technology, the
professionalism of the industry will also be raised.
Pest management
As Singapore is a highly urbanized country, good pest management is important to ensure
that residents can continue to
enjoy a hygienic environment
with fewer pests. This newly
launched national standard on
pest management serves as a
guide to Town Councils managing public housing estates.
It is also the first known national standard for pest management. It specifies and standardizes the scope of work in their
contracts. At the same time, it
provides a set of performance
benchmarks that can be used
to measure the quality of the
performance and technical
competence of the pest management companies.
Other services standards

and standards implementation projects in the pipeline
include:
Hotel security
Amidst the current threats
and fears of terrorism, there is
increased emphasis on security to boost the tourism sector.
This is one of the key concerns
for Singapore, especially with a
high tourist arrival rate of some
eight million visitors a year.
It was therefore timely when
SPRING Singapore initiated
the development of a standard
on hotel security with the Singapore Hotel Association.
There is increased
emphasis on security to
boost the tourism sector
This will provide the framework for hotels to set up a
security management system,
thus, enabling them to provide
a higher level of safety, security and assurance to guests
and staff.
Retail
E-business messaging
Singapore supports the widespread adoption of the e-business messaging standards,
developed by EAN Inter-
national. It is based on the

XML standard for use on the
Internet, and implemented for
e-procurement by the fast-moving consumer goods (FMCG)
industry.
It lays the foundation for

e-business and will assist small
and medium-sized enterprises
who previously were unable to
participate due to the high cost
of the technology standard,
electronic data interchange
(EDI). With the new e-business messaging standard, the
FMCG industry can now be
more cost-effective and respon-
SPRINGs CEO Loh Khum Yean:

In Singapore, the service sector
is a vital engine of growth...
It is, therefore, critical to initiate
and develop national standards
for specic service sectors.
SPRING and standards

SPRING Singapores mission is to enhance the competitiveness of enterprises for a vibrant Singapore economy.
We work to nurture a pro-business environment that encourages enterprise formation and growth, facilitates the growth
of industries, enhances productivity, innovation and the capabilities of enterprises, and helps increase access to markets
and business opportunities. Our vision is to nurture a host
of dynamic and innovative Singapore enterprises.
As a national standards body, SPRING Singapore has been
actively promoting and encouraging companies to use and
adopt Singapore Standards in manufacturing products and
services. Where feasible, Singapore Standards are aligned
with International Standards to facilitate greater market
access for Singapores manufactured goods and exports.
As at March 2005, there are 756 Singapore Standards and
18 Technical References. Of these, 83 % (227) are aligned
with International Standards. The alignment strategy supports Singapores open trade policy and eliminates incidences
of standards becoming unnecessary technical barriers to
trade.
SPRING is actively participating in 31 ISO standards development committees and four IEC (International Electrotechnical Commission) committees, and holds three working
group convenorships.
sive in meeting customers

demands and challenges in the
market place.
Electronic product code
Another project to support
the FMCG industry is a pilot
scheme to tag all pallets, cartons and cases with the electronic product code (EPC).
This scheme will result in raising supply chain efficiency by
addressing problems such as
product diversion and tracking, supplier replenishment,
production planning, goods
receipt at the distribution centres, inventory control and storage, real-time availability of
products and other inventory-related issues.
Singapore launched the

first national standards on
exhibition management
services
The standard, which is developed by EPCglobal, will be
applied to players along the
entire retail store supply chain,
including retailers, distribution
centres and suppliers of packaged consumer goods. The EPC
G2 specification has been successfully submitted by EPCglobal to ISO which has accepted it as a new work item for
inclusion within the ISO 18000
suite of standards for automatic identification and data capture techniques.
RosettaNet standards
SPRING Singapore works very
closely with industry organizations such as RosettaNet Singapore to help facilitate the use
of new RosettaNet e-business
standards in logistics, particularly among small and medium-
sized enterprises, and is based

on the XML standard.
With electronic processing in
place, companies which are
linked up through the system
can download customs declarations and shipping documents.
This saves both time and money by cutting out manual delivery, reducing paperwork and
limiting human error.
Personal financial planning
The financial planning industry
in Singapore has high growth
potential given the increasing number of products being
launched and demand from
consumers. Participation by
this industry in international
standardization is timely, especially with banks accountants
and lawyers entering the traditional territory of the insurance companies.
Singapore is participating in
the ISO technical committee
ISO/TC 222, Personal financial
planning, and has a national
mirror committee monitoring
the international standardization activities. Our industry partners are actively participating in the ISO/TC 222
working groups.
The path forward

Looking to the future, SPRING
Singapore will continue to
work closely with relevant
industry bodies to identify
areas critical to the growth
of the service sector in Singapore. Standards addressing
the gaps identified can then be
developed so that companies
in these industries can benefit from higher productivity,
greater professionalism and
increased efficiency.
NEXT ISSUE
ISO INSIDER
Lessons of the ISO
14001 SME survey
There are more than 72 million registered small and
medium-sized enterprises (SMEs) in the world,
although as most businesses of this type are not registered, the actual figure
may be in the hundreds of
millions. Therefore, their
impact on the environment
is huge and a sustainable
future without their involvement is inimaginable. This
article examines the results
and lessons of the recent
online survey carried out
by ISO to gather feedback
on the use of ISO 14001 by
SMEs.
SPECIAL REPORT
For example, ISO 9001:2000
primarily affects the certified
firm and its customers, but is
not something that end consumers, nongovernmental
organizations, or governments
have much interest in, while
the ISO 14000 family is more
tied obviously linked to a
broader subsection of global,
societal interests.
How do standards
become global supply
chain pressures or
cultural convergence ?
It is clear that standards such
as the ISO 9000 and ISO 14000
families have been adopted at
different rates by countries
across the world. Likely, the
same will be true for the
recently launched ISO guidance for social responsibility,
and for trade-facilitating
standards such as those disseminating RFID (radio identification frequency) technology. It is also clear that a range
of factors contribute to the
global diffusion of these standards : supply chain pressures,
word-of-mouth, personal contacts, etc.
This Special Report argues

that global diffusion of standards which reflect the interests
of a broader group of stakeholders than customers only
will be driven more by cultural forces than is the case for
standards which are relatively
narrow .
STANDARDS
FOR SERVICES
Improved
ISO/IEC 17799 for
secure information
INTERNATIONAL
The impact of ISO 14001
certification on Israeli
exports
The revised ISO/IEC 17799,

Information technology
Security techniques Code
of practice for information
security management, integrates the latest developments in the field to maintain
it as the international benchmark for protecting information in e-commerce.
Companies in six countries

that are leading trade partners of Israel were surveyed
to find out whether ISO 14001
certification by their Israeli
suppliers had any influence
on their choice.
ISO 9000 survey in India

shows value of customer
focus
As India climbs the world
economic table, the experience
and views of ISO 9000 certi-
fied companies are increasingly influential. This study

of long-certified companies in
southern India ranks the benefi ts they report and, more
importantly, reports what
their customers have to say.
Focus on the United

Kingdom
While product quality and
safety has improved considerably over the years due to
the role of standards, services have improved very little.
Receivers of services often
complain of poor service
levels such as billing or complaints handling procedures.
This demand side of business must be engaged to successfully address services
issues. This article examines
existing standards, those in
development and comments
on what further is needed.
al.
v
i
n.
v
o
r
i
t
u
c
s
ote
ns
r
o
i
p
t
a
t
es
niz
b
a
g
e
r
s th
ur o
e
o
y
v
r
ese
al to
t
d
i
v
t
is
se
s
n
a
o
i
s
at
u
o
m
i
r
c
o
e
f
In
pr
a
h
Suc
05
0
2
:
79 9
7
1
ion
l
C
t
a
E
a
I
n
/
m
o
I SO ternati or infor nt
f
e
in
T h e c h m a r ka n a g e m
ben urity m
sec
For most businesses, information security is

essential to maintain competitive edge, cash
flow, profitability, legal compliance and commercial reputation. For many businesses and nonbusiness organizations, information may be their
principal asset. A breach of information security
may threaten their very existence.
ISO/IEC 17799, the state-of-the-art countermeasure,

has just been updated and improved. Use it to make
your information assets even more secure !
Available from ISO national member institutes (listed
with contact details on the ISO Web site: www.iso.org)
and from the ISO Central Secretariat Web store at
www.iso.org. E-mail enquiries to sales@iso.org.
Probably, youve heard the expression,

One good idea can change your life !
Definitely, one good ISO standard could

change your business for the better
ISO has more than 15 000 great standards for you to choose from !

Full Issue PDF

Uploaded by

Copyright:

Available Formats

You might also like

Full Issue PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Full Issue PDF

Uploaded by

Copyright:

Available Formats

Vol. 5, No.

ISO Management Systems

When Results Count. ISO Standards.

ISO 22000 update

Get me the money !

ISO/IEC 17025:2005. The international accreditation

Confidence in the competence of laboratories

Competent laboratories operate to

by businesses when testing new products, or

Competent laboratories operate to

by government regulators and trade ofcials

Available from ISO national member institutes

How quality information helped

aturally, most readers of ISO Management Systems

Fortunately if it is possible to describe

Therefore, Matt Morgan contacted his radio dispatcher to

The ISO 9001:2000 QMS

This is what happened. Officer Morgan was

Let us not overstate the case. Matt Morgan

At the same time, let us not understate the

ISO Management Systems July-August 2005 1

What sort of manager are you ?

Im focused on my own short-term goals.

If you ticked Option A, then running a business

ISO 14001:2004, Environmental management systems

Newly revised Globally relevant Even clearer

For A class managers !

Available from ISOs national member institutes

Wounded police officers perspective on ISO 9001:2000

Management take control of your audit process !

Good practice for establishing the competence

Survey compares ISO 14001 experience in United Kingdom and China

Overcoming language and literacy barriers to ISO 9001:2000 implementation

Santander Serfin takes ISO 14001 lead in Mexican banking sector

ISO, July-August 2005.

STANDARDS FOR SERVICES

SPRINGs harvest of standards for Singapores service economy

ISO Management Systems July-August 2005 3

Make sure there are no weak links in

In Spring 2004 in Arizona, USA,

Seen from the front line

When I was asked to pose

The ISO 9000 philosophy has, and

Officer Matt Morgan, of the

As a patrol officer with the

In Autumn 2004, Matt Morgan

line of duty. It is worth paying

Officer Morgan with courageous citizen Cipriano C.J Garcia who

agement system. Overall, I

ISO Management Systems July-August 2005 5

Mobile information before

My day depends on the correct entering of information

6 ISO Management Systems July-August 2005

This results from the Records

Important information about a vehicle may include

trying to avoid paying registration fees by using a plate

The Phoenix Police Departments

I let my radio dispatcher know