To understand how ISO can transform an organization through change requires a close look at the standard, the full text of which is attached at the end of this document. The requirements are organized in the tried-and-true format of the PDCA (plan, do, check, act) cycle. There are 3 introductory sections, 1 section on documentation, and the 4 PDCA working sections with the "meat" of the standard. The sections of the standard are as follow:

1. Scope: what is covered.
2. Normative reference: ties the standard to other international standards.
3. Terms and definitions: brings in the additional document ISO 9000 which contains technical (but not very valuable) definitions.
4. General requirements: presents the overall quality management system and the details of documentation requirements.
5. Management responsibility: defines the role of management, how they have to set objectives and act to lead the ISO program (Act of PDCA).
6. Resource management: defines the requirements for human and other resources needed to achieve the management objectives (Plan of PDCA).
7. Product realization: lays out the requirements for defining and fulfilling the customer requirements (Do of PDCA)
8. Measurement, analysis, and improvement: presents the minimum for determining that activities met requirements, and then taking action to change (Check of PDCA)

   Within this overall structure are the clauses with details of the requirements. These are easiest to understand as "questions" requiring the organization to "answer" how they address that subject. This is why an ISO audit is similar to an oral defense of an academic thesis. For example in clause 5.4.1 Quality objectives, "Top management shall ensure that quality objectives … are established….The quality objectives shall be measurable and consistent with the quality policy." This does not say anything about the nature of the objectives, but alerts top management that they will have to defend them as "measurable" and "consistent with the quality policy."

   Top management has to decide what their "policy" is, and what are their "objectives," which are the measurable achievements of everyone’s efforts to reach their policy. If the policy includes developing new customers and improving operational efficiency, then the whole organization is focused on these aspects of the business. The intent of the standard is that top management regularly change their policy and objectives in response to the changing organization and business environment. This could be each year or even sooner, depending on the speed of change in the organization.

   The policy and objectives become the focus of the organization. Everyone has to know them and know how their activities help achieve them. The first step of change to reaching a goal is that everyone know what that goal is, and how they will be measured along the road. It is unfortunate that many top managers in ISO registrations never realize the importance of this tool and throw away the opportunity with a meaningless policy such as that of Essex "Provide our customers with the best quality products and services at all times."

   The ISO 9001:94 standard was correctly derided for being bureaucratic and leading to a "paper system." The 2000 version was written to shift focus to the organization’s ability to change (improvement), and to arm the auditor to be able to cite an organization which did not meet the agreed customer requirements. This goal of protecting the customer is clear in many clauses of the ISO document.

   For example, the auditor has the opportunity to "lay the blame" for a failure to meet a customer’s needs at management’s door step. Clause 5.2 Customer focus states that "Top management shall ensure that customer requirements are determined and are met with the aim of enhancing customer satisfaction." These clauses can be thought of as "bullets" in the auditor’s gun, and are not as valuable as those questions which require management to figure out how to bring about change in an aspect of the business.

   Some Important Aspects of ISO 9001 for business Success

   The following 16 points highlight some of the ISO 9001:2000 clauses which, when implemented together as a Quality System, will lead to the greater success in the Organization. The underlying power is a new "ISO capability" for top managers to be able to push ahead on all of these fronts simultaneously, without their direct intervention, but by the coordinated action of the ISO team.

1. General requirements (4.1). In these clauses top management has to "identify the organization’s processes … determine their sequence and interaction…" This requirement helps focus the organization on those processes which deliver value to the customer. These will be monitored to see that they are working as expected (see #13 below). Understanding which process you need to get right is a critical first step.
2. Establish and deploy the quality policy and objectives (5.3 & 5.4.1). These clauses focus the entire organization on the same goals. It is optimum to have measurables which each person could tally up at the end of the day to see how they did. These individual measurements are totaled by "department" or area, and finally for the. Top management can see the overall trends, and "drill down" to see the drivers, and offer congratulations or provide resources as necessary. Such "pyramid" metrics (from a broad base to one point at the top) are difficult to devise, but very valuable to drive change across the board.
3. Responsibility and authority and Internal communication (5.5.1 & 5.5.3). People need to be crystal clear about their responsibility to carry out tasks and their authority to allocate resources and make decisions. Maintaining people’s roles so that there is clarity, and maintaining these current in today’s dynamic organizations requires excellent communication. These aspects are business 101 issues, but almost every organization needs to improve to prevent politics interfering with responsiveness.
4. Competence, awareness, and training (6.2.2). An organization is people, and humans all need help. Building, maintaining and growing the competence of the employees is the heart of the organization, and a substantial expense. This area is a great opportunity.
5. Infrastructure and work environment (6.3 & 6.4). People need the tools of the trade and the environment (including a psychological environment) to do their best. As with competence above, these areas present a huge opportunity. Remember, section 6 is the "plan" section where top management prepares the people to "do" in section 7.
6. Planning for product realization (7.1). Each "product" requires planning to determine and provide the specific resources people need to do the work correctly and profitably. An organization typically has many such plans for various activities. This clause brings these together as a system, and establishes a new product planning process to introduce new items. Change is the goal of the ISO program, and this clause addresses product changes needed to grow sales.
7. Customer related processes (7.2). These clauses are the heart and soul of ISO 9001. Once you know and agree to provide something, the rest of ISO is really there to ensure that you know you provided what you agreed to provide. Review of the customer orders is one of the ways the organization addresses this issue, and might benefit from the details of the ISO considerations. This clause also includes customer communications which are always a problem when personnel are not in the office.
8. Design and development (7.3). Many organizations do not do design, but for those who do ISO has a simple formula to recommend. The section addresses the need to design, verify and validate the product, and track progress to completion. The design function can be simple or complex, and this section facilitates control. Time is often a forgotten issue in the design process.
9. Purchasing (7.4). The organization needs "raw materials" which go into the products, and spending is always an issue; and this clause addresses the need to control spending. There is a huge change going on in the purchasing world relating to just-in-time and "supplier partnerships." This clause encourages simple goals in navigating through these changes.
10. Service provision (7.5). These clauses govern the quality, quantity, and cost of the work people do off-site. Many organizations have no service in this sense. Addressing service helps ensure that what happens at the customer location is as well controlled as the work on the factory floor, with QC, maintenance, and management there for support.
11. Customer satisfaction (8.2.1). ISO requires that the organization "monitor information relating to customer perception." When done well, addressing this clause provides an excellent early warning system as to how the customers are reacting to changes within the organization. Change is the purpose of the Quality System, and finding about unhappiness in a customer after they leave allows little room for correction during change.
12. Internal audit (8.2.2). A good internal audit "listens" to the organization and presents a fact-based answer to a question from to top management, to help them determine the need for change. Audit can be a routine checking on the status of aspects of the business, or an emergency response to a problem. In all cases it is a way for management to obtain information to help them decide and act correctly.
13. Monitoring and measurement of processes (8.2.3). The important processes within the organization are measured, and the results compared to plan to see where progress is acceptable, and where resources are needed. This is another of the ISO feedback loops to keep management aware of how change is progressing within the organization.
14. Monitoring and measuring of product (8.2.4). This clause requires that you have information that the service provided to your customer meet the criteria you agreed to with the customer in 7.2. This is what most people think of as quality, and it is of crucial importance in just-in-time, "lean" world. It is useful to point out that the activities of "inspection" are not value-added to the customer. This area is of potential significance.
15. Control of nonconforming product & analysis of data (8.3 & 8.4). This clause requires that when someone makes a mistake, the organization has to do something to ensure that the problem does not get out to the customer. But this clause allows you to "listen to the processes" to collate and present what is going wrong (not done right the first time) so that resources can be provided in a prioritized manner to prevent reoccurrence. So billing errors, late and absent employees, computer malfunctions, scheduling problems, machine downtime, late work, etc. can all be tracked as appropriate to see that change is happening. It does not take data to see that something changed by half (twice as many reports are late) but it does take data to detect a slight.
16. Corrective and preventive action (8.5.2 & 8.5.3). These clauses require systems for fixing significant problems. This is the formalization of the organization’s risk management program. The management question is not that problems exist, but which one is the next most important for the organization to spend resources on to fix now? These clauses require that the organization track the formal projects which management assigns to drive change. Many other aspects of the standard drive change as well, and the organization has to have a system to and then make sure it is fixed before moving on to the following issue.

Meet the requirements of the ISO standard, and a business will have the organization and focus which will achieve the policy and objectives set by top management. When these relate to increased sales and reduced costs the organization profit will increase, and the managers will become true believers that ISO is an important tool.