Over the last six months, my company, Cyber-Duck, went through the intensive process of becoming ISO (International Standard Organization) 9001 certified by British Standards International (BSI). As part of the certification process, we were required to produce our own Quality Management System (QMS), a substantial set of process documents, templates, and recurring procedures.
We already had an accredited user-centered design process and agile and lean project management philosophies that governed our business. So why did we apply for the ISO9001 certification when our strong team of 25 was already working at full capacity? As an organization that is totally focused on continual improvement, further process optimization looked promising.
UCD and Agile Standards in our Business
We are primarily focused on producing projects for the web, and are only too aware of the importance of standards (the HTML language itself is based on standards and agreement between many organizations), so attempting to standardize our internal processes made perfect sense to us.
This is, after all, why, in 2011, we obtained an accreditation in Human Centered Design (ISO 9241-210) for our UCD process. Furthermore, key personnel at Cyber-Duck are certified Scrum Masters from the Scrum Alliance. It wasn’t a love of accolades written on fancy paper that marked our pursuit of these certificates, but rather a genuine belief that it would help us to improve our project management skills and fast-track the development process.
What we discovered was that combining UCD with Scrum dramatically improved the speed and quality of production output. So what could the ISO9001 add to our organization?
What is ISO9001?
The ISO 9001:2008 is a highly generic set of rules and standards that can be applied to any organization providing a digital and/or physical product or service. In fact, it can apply to any sort of business or organization anywhere.
A survey in 2011 from the British Assessment Bureau indicated that almost half of ISO certified businesses secured new business after successfully implementing the standards. At their core, the standards focus on continuous improvement and customer satisfaction, dictating a set of requirement to ensure that:
- A quality management system (QMS) is in place so that client centricity and focused planning are at the forefront of the agency’s service and projects.
- There are regular planning sessions, management reviews, audits, and logs of corrective and preventive actions.
- Measures are put in place to ensure competent resources are working on the project.
- The product (or service) is designed and developed around the customer.
- Measurement, analysis, and continual improvement occur within the organization so that the product and service is constantly improved.
Some of these requirements are already built into the UCD process. Point five, for instance, adheres to our agile mindset as it reflects lean production (an element of agile philosophy), which is all about measurement and "validated learning."
The reality is that although there appears to be some crossover, the ISO9001 is actually very different, but compliments UCD and agile. It forces an agency to lead, direct, and manage their organization while thinking about quality management principles.
ISO9001 Management Benefits for a Digital Agency
ISO9001 dictates that organizations should log, undertake root cause analysis, correct, and analyze both internal and product non-conformities. Furthermore, templates for corrective and preventive actions (CAPAs) are created allowing the team to be aware of all corrective actions and to visualize common corrective actions to both processes and delivery problems. In theory, through preventive actions, the upper management can then mitigate serious issues from ever occurring by creating preventive action plans.
Adhering to the ISO9001 requirements helps organizations deliver better products and services via clear product key performance indicators (KPIs), an emphasis on staff training, regular internal auditing, and continual improvement. It also encourages the analysis of supplier relationships to ensure that suppliers are monitored and due diligence is performed in advance.
How we Implemented ISO9001 Standards in our Digital Agency
During our initial audit with BSI, the organization that awards organizations with the ISO9001 certificate, we went through a gap analysis and found numerous processes were not ‘documented well enough for our UX design process.
To remedy this, we created new flows of control for our user centered design (UCD), software development, QA, and product delivery processes, still encompassing the original ISO9241:210 and Scrum philosophies. We found many instances where different tasks and procedures were overlapping. This led to further refinement and more decision trees, micro events, and forked process branches. One output was a ‘GO-NO-GO’ meeting where user acceptance testing (UAT) helps decide if a project is launch worthy.
To improve our management even further, we created project KPI for a bird’s-eye view of how all projects are going. This tracks the project’s profits, non-conformity quantities, time to complete, client satisfaction levels, key lifecycle events, and the project post mortem (PPM). All of this standardization generates far more stringent processes, additional meetings, and fewer margins for error resulting in far better user experiences.
The Value of Standardizing Processes
I soon recognized the benefits when I found myself referring to the process diagrams when quoting clients for new business and making our proposals more reflective of our processes. Furthermore, the team obtained tremendous focus and benefits from ongoing GO-NO-GO and PPM meetings and management reviews where we dissected client satisfaction data.
The most astonishing revelation about ISO900, has been how it's helped me to improve my business planning by forcing me to write out business, department, and individual quality objectives. All these objectives had to be specific, measurable, attainable, and results- and time-orientated (SMART). This meant that the HR function in the business is committed to delivering the standards we outlined within the QMS.
One area of particular interest to an agency like Cyber-Duck is the individual’s performance management. Besides providing UX designers and developers with smarter objectives we had to refine how we rank staff competency by "verifying" our teams skill set. This means that in a growing and expanding business, a manager can easily generate a report to see who is good at interaction design or HTML5.
Obtaining various certifications has improved how we run our agency. All the team members are fully aware of how client satisfaction levels tie-in to their quality objectives. Our senior managers have implemented a far superior performance management HR system to help train and monitor staff competency. The UX, development and QA teams work closer than before and successfully systemized their processes. This happened without hampering creativity, innovation, user centricity, and the agile processes that we need to deliver quality projects, fast: clearly good news for our end users.
Following standardization, we’ve been able to find, retrieve, and visualize trends and implement corrective actions as all high level non-conformities are logged and recorded. The senior management is focused on preventive actions and is able to mitigate risk and spot issues as they arise. With a huge emphasis on recurring procedures, we are actively minimizing errors within our operations.
We have successfully implemented a scheme of internal auditing to regularly check projects, departments, and operations. Accreditations like ISO9001, add an extra dimension of sanity and quality in any service, project, or product orientated organization.
Special note: I want thank Arpit Bajpai, our IT manager, for pushing the implementation of the standards and Melanie White for helping to refine and improve some of the processes.
Image of official stamp courtesy Shutterstock.