In our latest author interview, we meet Andy Nichols, author of Exploding the Myths Surrounding ISO9000 – A Practical Implementation Guide, and talk about quality management and certification.
ITGP: Thanks for speaking to us Andy. Let’s begin with your book. Most books on ISO9000 only cover the rules and requirements of ISO9000 and how you might implement it. Your book seems more ambitious. What was your thinking behind Exploding the Myths?
AN: I decided to write Exploding the Myths Surrounding ISO9000 as people are often confused about the purpose of implementing a quality management system to meet ISO9000, and what third-party certification involves. Some common myths have endured for more than 20 years – one of them being that ISO9000 is: “say what you do, do what you say”. I felt it was a good time to expose these myths and provide practical guidance on what an organization should consider, instead, when implementing ISO9000 and preparing for external certification.
ITGP: You felt there was confusion regarding the purpose of ISO9000 and certification?
AN: When I look at various online forums, people are posting questions about the basics of quality management and are clearly confused. Although, as you say, there are many books describing how to implement a quality management system, the background to ISO standards etc., these are mainly written from the theoretical point of view. Little has been written to address the “hearsay” which has accompanied the development of ISO9000 over the past 25 years.
ITGP: It sounds like this advice is long overdue and based on plenty of experience. How did you get started in quality management?
AN: I began my career in Quality back in the late 1970s. We relied very heavily on inspection and QC in those days. Luckily, in the mid-to-late 1980s, I was responsible for developing a quality management system to meet a NATO contract requirement using AQAP-1, which is the “great grand daddy” of what we know as ISO9001 today. We did what the AQAP-1 quality requirements told us, and delivered fault-free equipment and installed it without a hitch. This allowed me to pursue roles as implementer, supplier, quality and certification body auditor, as well as consultant and trainer.
ITGP: So, you’ve been meeting customers’ quality requirements right from the beginning of your career?
AN: Yes. The experience of implementing a quality management system to meet a customer’s contract provided an excellent foundation for understanding the basics of implementing quality management systems, without the confusion of third-party certification.
ITGP: Based on all your experience, can I ask what advice you have for those just beginning to use and implement ISO9000?
AN: For those starting out in quality management, and evaluating implementation of ISO 9000 it’s important to remember that much of what is required is already being done, if you are satisfying your customers. What’s needed is some formality to those processes and activities which are working well and then to work on improving them. ISO 9000 brings about a maturity in the way an organisation operates and then requires that management takes a long hard look at its performance and asks what needs correction and what needs improving.
If any organisation finds itself doing something “because of ISO” or “to keep an auditor happy”, then they have to question why this is happening.
ITGP: One final question before we run out of time. Â Are there particular parts of your work that you enjoy?
AN: In my position as certification body sales manager, I’ve found that assisting clients in understanding the certification process, what’s expected at each step and how to be successful is the most rewarding. Many organizations are new to the process of certification – even though they may have experience of customer audits, security audits etc. Being able to complete their knowledge, before they select a certification body and begin the process is enjoyable.
ITGP: I can appreciate that ensuring the client is properly informed is very important in making the right choices about ISO9000 and certification. I guess that’s also what made you write the book in the first place.  We’re out of time sadly, but many thanks for speaking to us.
AN: I appreciate the opportunity.
Exploding the Myths Surrounding ISO9000 – A Practical Implementation Guide
, the internationally-recognized cybersecurity framework
