What comes first when implementing ISO 9001:2015: technology or culture change? (Please send your feedback & insights)

Have you ever worked for an organisation where they just don't get quality?

Implementing ISO 9001:2015 properly requires you to manage lots of moving parts. It requires investment, time and commitment from employees across the business. 

From a quality perspective, it can be a real challenge to juggle everything: engaging employees, implementing processes, finding an external certification body.

Where to start? 

As around 90% of the 19,000 governance, risk and compliance professionals who subscribe to our content are certified or implementing ISO 9001:2015, we get lots of enquiries about all aspects about the Standard. 

Last week, we were sent the below enquiry from the Process and Systems Manager at a marine research company based in Mauritius asking whether: 

  • external auditors have the training to meet the new ISO 9001:2015 requirements? 
  • a business can truly achieve conformance to ISO 9001:2015 without embracing technology? 
  • small business units should be trusted with the responsibility of managing their ISO 9001:2015 requirements? 

Please read and share your tips, experiences and insights at the bottom of this article.

BI Dashboard GRC software

"We have some external auditors have evolved with the new ISO 9001:2015 standard requirements, but others who have not.

I think this will only discourage companies from continuing to maintain their certification.

I would appreciate an insight into your experience or feedback regarding the behaviour and adaptation of external auditors since the migration.

I am an advocate of using IT to support quality management systems and more than ever, cannot see how anyone can prove conformance without having an appropriate application system or systems in place, particularly to address risk management, objectives, various reviews, corrective actions and internal audit.

I have been trying to get management to adopt an integrated application for many years. But from lack of budget, have only been able to configure an ISO solution using a use case tool, derived from software development, on a limited budget.

I have only been able to achieve this because of my IT background. This evolution to one framework was achieved by passing through various generations of hybrid and multi-tool solutions, mostly open-source.

However, our management is currently in a mindset where they want to reduce shared services across our group and put responsibility for maintaining things like ISO compliance onto the business units.

Many of these units are small and not geared up to do so, and this threatens to dismantle the progress we made with what we implemented so far, just at the time we have achieved a good degree of stability and already successfully transitioned to ISO 9001:2015.

Regardless of scale of an organisation, ISO management systems cannot be implemented and maintained without dedicated resources, whether these are in-house, outsourced or a mix. Simply adding responsibility to existing roles is not enough in my opinion.

I think solutions like Qualsys's software are the correct approach going forward, but may take years before organisations like mine realise that."


Share your insights, tips and ideas by leaving a comment below. e.g.: 

  1. Do you feel external auditors have the skills they need?
  2. Do you feel technology is key for driving cultural change? 
  3. How did you get buy-in for an integrated management system solution?  


ISO 9001:2015 free pdf xls

Topics: ISO 9001, Culture of Excellence

Share your thoughts on this article