Management Consultant Guide to Standards Compliance

Work in this area is important to the consultant who can help an organization improve as they look at standards compliance and the audits required by some standards groups.

We will look at the ISO 9000 standards that many organizations follow either formally or informally. These ISO 9000 standards help organizations meet the needs of their customers and stakeholders. ISO 9000 standards also help organizations meet legal and regulatory requirements.

Consultants can help an organization prepare for an audit that shows an organization is certified as meeting ISO requirements. Certification comes from a third party that provides independent and impartial confirmation of compliance.

Consultants can also point out to organizations considering certification that ISO standards are used by more than one millions organizations throughout the world. The standards provide one of the most widely used frame works for management techniques and tools

We will also briefly look at non ISO standards and the role the consultant can play in providing information about their use.


ISO 9000 dates back to the 1980s when the standard was first published. Providing information about ISO can help a client get a perspective. It might be useful for a consultant to note that the history of ISO comes through work done by the U.S. Department of Defense.

Why are ISO standard useful? In part the answer comes because some organizations require work with certified groups only. When you deal with a group that is certified you can rely more on a quality product and quality processes. We define quality accord to ISO which states that a quality product meets customer expectations. When an organization becomes ISO certified the organization can work with groups that require this certification so the investment in certification pays off in this way. In addition, certification can produce a result which leads to greater customer satisfaction, greater market share, and more subsequent profitability.


A consultant can explain to clients about the eight major quality management principles. This can give clients a good idea of the scope of the ideas.

1.    Customer focus

Since an organization depends on customers and customer support, an organization should meet customer expectations, strive to exceed those expectations, understand current customer needs, and anticipate future needs.

2.    Leadership

Leadership for an organization should create an environment where people can achieve organizational objectives. In addition employees should be involved in processes and the achieving of objectives.

3.    Involvement of people

Throughout the organization people's full involvement means their talents are used for the benefit of the organization.

4.    Process approach

When managed as a process results are achieved more efficiently.

5.    System approach to management

An organization benefits when management looks at interrelated processes. This improves the efficiency of an organization in achieving its objectives.

6.    Continual improvement

A constant objective of an organization should be continual improvement in performance overall.

7.    Factual approach to decision making

Decisions should be based on data and information analysis.

8.    Mutually beneficial supplier relationships

Suppliers and an organization depend on each other. A relationship that is mutually beneficial increases the chances of creating value for each.



Organizations often hire consultants to help prepare for ISO certification. Here is the type of information a consultant could provide to an organization to prepare for certification.

1.    The ISO organization does not provide certifications.

2.    Certification bodies that are third parties provide certification.

3.    Once an organization passes an audit it receives an ISO 9001 compliance certificate.

4.    The actual standard to which you become certified is ISO 9001:2015 which is due to expire in 2018.

5.    Accreditation bodies charge fees for their services.

6.    Certifying bodies charge fees for their services.

7.    Accreditation is accepted worldwide.

Audits happen when an organization applies for ISO 9001 certification. The audit covers a number of organizational sites, processes, functions, and products.

An auditor from a third party certifying agency can present a list of issues, nonconformities, observations, and opportunities for improvement. If an auditor finds no major issues, a certification body issues a certificate.

If an auditor finds major nonconformities, the auditor presents an improvement plan to the certification body. This can include corrective action reports on how to resolve issues. When a certification body considers the organization has met the requirements of the corrective action, the body issues a certificate.

A certificate shows limitations on what is covered, for example, production of a certain product or service. A certificate also shows addresses for reference.

Once a organization gets certification, the organization must renew the the certification at regular intervals as recommended by the certifying body. This can be every three years.

Some of the requirements an organization must be for ISO certification include:

1.    Before documents are distributed, they are approved

2.    When used documents must be at the correct version

3.    Records show requirements are met

4.    A procedure explains how to control records for the organization


A consultant can help an organization obtain copies of ISO standards. Here are guidelines on what the documents cover.

1.    ISO 9001 is the base document that is supplemented by ISO 9000 and ISO 9004

2.    ISO 9000 covers quality management systems fundamentals and vocabulary

3.    ISO 9004 provides background information about managing for the sustained success of an organization with a quality management approach

The committee that develops ISO 9001 decided in 2012 to create a new quality management model. They began with new quality management principles. They also examined the last 25 years of implementation of the standard and decided the new document could cover the next 25 years, starting a new era.

The revised 9001:2015 standard integrates more easily with other standards throughout the world. It has a focus on performance. It includes the Plan-Do-Check-Act (PDCA) cycle. Some highlights of the standard include:

1.    An organization can decide what and how to document relevant information

2.    Continuous improvement is important and encouraged

3.    Management must be accountable and involved


A consultant can provide an organization with support and information about what is involved in an ISO audit. Here is some information about audits that could help an organization.

1.    To become registered to the standard two audits are required – an external audit and an internal audit.

2.    An external certification body conducts external audit.

3.    Internal staff conducts internal audits and are training to do this.

Interested in learning more? Why not take an online Management Consultant course?

4.    Audits have an aim of a continually reviewing and assessing that an organization has a system that is working as designed. Additional aims are to find areas for improvement and correct and prevent problems.

5.    Typically an internal auditor is from outside a group so there is no conflict of interest.

What can an organization expect from an audit? Here is a list of typical questions an auditor could ask.

1.    What do you do and what process do you use?

2.    Are you doing what your documentation specifies?

3.    Where is your documentation?

4.    Will what you do help you achieve stated objectives?

5.    Is there a better way to do your job?

6.    What do you think of the process you use?


While the ISO 9001 can apply to various industries, the consultant can point out that these are just guidelines. You must carefully look at how the guidelines make sense for the industry of the client be they a manufacturer, health care provider, school, or government entity – to name just a few possible organizations that can get certification.

A consultant can point out that some industries have specific standards to cover their particular concerns and markets. These industry-specific standards can help an organization achieve their goals and also help training auditors to assess the organizations within those industries. Here are some of the industries covered.

1.    The aerospace industry has a standard developed by major aerospace manufacturers

2.    The automobile industry has standards documentation related to their industry and developed by major automotive manufacturers

3.    The telecom industry has standards documentation developed by a telecom consortium

4.    The medical industry has standards documentation that apply to medical devices

5.    The petroleum, natural gas, and petrochemical industries have standards documentation concerning design, production and installation of their products


A consultant can help an organization maximize the chances that an ISO system is effective. Here are some of the factors that can help.

1.    Senior management must be involved

2.    Senior management must not ignore problems found during audits

3.    Organizations should create a specific manual not simply work from a template

4.    The ISO system should work with current processes

5.    Keep the focus of the ISO system on the customer

6.    Keep continuous improvement in mind

7.    Keep supplier quality acceptable 


A consultant can name advantages to following ISO standards to include:

1.    Cost benefits

2.    Better documentation

3.    Improved employee involvement

4.    A larger customer base

5.    A more efficient operations

6.    Increased customer satisfaction

7.    Reduced waste


Consultants can also provide an organization with information about standards in addition to ISO standards. Depending on the industry, some of these standards can be helpful for doing business. Here is an overview of some of these standards.

CSA standards

A country specific standard such as one developed by the CSA group (formerly known as the Canadian Standards Association) can be required for organizations working in that country. CSA develops standards in over 50 area. A CSA mark shows that the product was tested and certified to meet a relevant CSA standard.

Among the standards that CSA develops are occupational health and safety standards. Other topics include pressure vessels, environmental protection, construction materials, and climate change. CSA also publishes quality assurance standards that are an alternative to ISO 9000.

In some cases the standards are voluntary and no law requires their use.

IEC standards

The International Electrotechnical Commission (IEC) publishes standards on a wide variety of topics. Adherence to these standards can be required for the sale of certain equipment in certain countries. Here is an idea of some of the topics.

Environmental testing

Explosive atmospheres

Instrument transformers

Low voltage fuses

Power transformers 

Rotating electrical machinery

Safety of machinery

Standard voltages

Steam turbines

Surge arresters

Wiring colors

Safety of electrical household appliances

Electrical installation of buildings

Graphical symbols for use on equipment

Batch controls

EMI and RFI immunity

Function blocks

Optical fibers

Powertrack systems

Safety of power transformers, power supplies, reactors, and similar products

IEEE Standards

The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA) develops standards for a number of industries. These include biomedical, health care, IT, robotics, and information assurance. Experts from all over the world develop the standards.

In contrast to formally recognized organizations such as ISO and IEC that can be federations of national standards bodies, IEEE-SA is not authorized by any government, but is instead a community.

The IEEE committee conducts balloting each year where members vote on the reliability of the draft proposed. IEEE has published over 500 standards titles. One group of standards IEEE publishes is especially notable and deals with LAN/MAN issues with information about computer networking for wired and wireless networks.

Here is a list of some IEEE standards.

Standard Letter Symbols for Units of Measurement

Standard Digital Interface for Programmable Instrumentation

Standard Glossary of Software Engineering Terminology


Standards for LAN/MAN bridging and management and remote media access control (MAC) bridging

Standards for Logical Link Control(MAC) standards for connectivity.

Standards for token passing bus access

Standards for information exchange between systems

Standards for broadband LAN cabling.

Fiber optic connection

Wireless Networking – "WiFi"

Standards for integrated services, like voice and data

Standards for LAN/MAN security implementations

Standards for demand priority access method


Standards for cable television broadband communications

Wireless Networking – "WiMAX"

Standards for Logical Link Control (LLC) standards for connectivity

Configuration Management in Systems and Software Engineering

Software Test Documentation

Software Requirements Specifications


Unix compatibility programming standard - POSIX

Software Design Description

Standard Classification for Software Anomalies

Software Verification And Validation Plan

Point of Care Medical Device Communication Standards

Software Development Life Cycle

VHDL – VHSIC Hardware Description Language

Unified Power Format

Hardcopy Device and System Security (and related ISO/IEC 15408 Protection Profiles)

Information Technology - Software life-cycle processes


We have now covered issues related to what information a consultant can provide about standards to clients to help clients decide on the role standards can play in their organization and how to get through a standards audit.