In June 2010 I presented to several hundred representatives from the third party certification industry in Japan, at the IRCA 2010 Conference in Yokohama. This was my topic
I think I know why I was asked. I’ve had a lot to say about weaknesses in third party audit systems on this blog and a few other places, and I have expressed strong views on the need for modernisation of traditional and (dare I say it) out-dated conformity focussed approaches. It may be that the industry is starting to agree with some of the things I have been saying. I hope …
Anyway, I really need to start constructing something. An argument. Something that is challenging enough to make people think differently, but engaging enough not to turn people off and create a defensive response. A dilemma and no mistake
Fortunately I have been able to review a JIBDEC/JAB action document, so I know a little about where they are coming from. That document talks about the need for a balanced effectiveness/conformity assessment. Not so much “does it work to its own procedures?” more like “does it do what the customer wants it to?” The JIBDEC/JAB document also talks about how the audit needs to add value. It is this second aspect that has got me thinking. What do we mean when we say we want the third party audit to “add value?”
Third party audits – adding value for whom?
When we talk about “value adding” third party audits are we really suggesting that a third party auditor, without performing any meaningful research or necessarily having any great expertise in the sector, should be able to go into an established company for a couple of days and tell them much that they did not already know? Come on, let’s take a trip to planet earth for a second, is that realistic? I think anyone who thinks that a third party audit is going to yield a treasure trove of hitherto unknown and valuable management information is living in a dream world. It is not going to happen. The good news, though, is that it doesn’t matter. It doesn’t matter because third party certification schemes were never designed or intended to do that in the first place. Its just that somehow over the years we’ve lost sight of what the primary purpose actually is, and for whose benefit they exist. Third party certification schemes exist primarily to provide information not to the audited organisation, but to customer organisations. It is these organisations that we really should be thinking about. What do CUSTOMER organisations want from third party certifications? How can we improve third party certifications to increase value for CUSTOMER organisations?
It’s the customer, stupid
How could we be so blind? The reason the vast majority of companies seek registration is not because they want it for some intrinsic reason (although I accept one or two may do), nor is it because they believe the CB will send along a kind of Tom Peters to sort out all their problems and tell them how to conquer the world. It isn’t these companies we should be focussing on. We must think about the external value of certification and what that is supposed to mean in the public domain. When we think about adding value we should be asking questions like
- What is it supposed to say about a company that has certification?
- How high are the standards?
- Dare we trust the certification?
- Is it consistently applied?
What if every hotel was rated 5 star?
Maybe we need to start thinking about it in the same way that we think about star rating systems on hotels, because the same principle applies. When we choose a hotel for a family holiday we look at the hotel’s star rating and this adds value to us as customers. The ratings are extremely useful so long as we feel we can trust them. They give us information and help us to reduce the risk of choosing a hotel that might not suit our needs
But what would happen if we lost faith in the integrity of the star rating system? Well, for a start, we’d pay no attention to it. We would not use it as a selection tool, hotels would stop going through the rating process and the scheme would soon fall into disuse. Pretty soon there would be no more pointless star ratings. That is what would happen if the integrity was lost
I think it is this parallel we need to consider when we talk about breathing new life and credibility into third party management system certification. Above all else the system has to be consistent, trusted and enforced to a level that means something to prospective CUSTOMER organisations. We need to be clear about what the badge means and go back to basics to a certain extent. Maybe there needs to be more fails too. Think about it. Should it be our aim to get everyone certified? Great for CBs in the short-term, lots of fees, but in fact it is the last thing we should ever want if we think about it properly. All differentiation would effectively be lost
The day everyone achieves certification is the day that nobody needs it any more