The Rush for Quality but Buyer Beware!

In the last twenty years there has been a big push for improvements in quality that can be gained from certification under schemes such as ISO 9001. Nowhere is this more apparent than in the IT industry. I have become involved in this myself and I am a proud owner of a Quality Assurance Internal Auditor’s certificate. There are tens of thousands of companies who are ISO certified. What are the benefits? Some companies have made genuine improvements to their product or service delivery by going through the certification procedure. Many companies have obtained a marketing competitive edge by advertising that they are ISO certified. ISO certification has become big business. During my research for this blog I discovered a multitude of businesses which are advertising services to companies wishing to join the club. I found very few website contributors explaining from an objective point of view what quality management systems and ISO 9001 are all about; only Wikipedia had much to say on the subject.

Quality management has two main components: Quality Assurance which is all about the processes and procedures that need to be in place to guarantee quality and Quality Control which is all about testing a product or service against a pre-determined standard.

So what is quality? It can be described in many ways but my preferred description is “fitness for purpose”. Over the course of my thirty year career, in the IT profession, I have seen the importance of producing high quality software. The software must match the intended business purpose and it must be produced in the most cost effective way. To repair broken software is four times as expensive as producing a top quality product in the first place. Even if you produce top quality software, you are in deep trouble if it does not meet its intended business purpose.

Throughout history companies and suppliers of goods and services have seen the need for quality management even if it has been on an informal basis without official recognition by outside bodies. Companies such as Mercedes Benz, Rolls Royce and Bentley have established an absolute reputation for high quality by attention to detail and total quality management, and all without the need for outside auditors. They set the standards for quality in the automotive industry and it was difficult for their competitors to emulate them.

But what about the IT profession for which I have worked for so long. When IT was in its infancy there was a lot of resistance to change and the IT industry had to deliver software to exceptional standards to prove that it could make improvements to business processes and productivity. Failure was simply not an option. Regrettably much of the IT industry lost its way after the 1970’s and 1980’s and the industry became bloated and inefficient. Project cost and time overruns became more common as did the complete failure to deliver. In the early 1990’s confidence in the IT industry was beginning to wane. What better way to improve quality management systems and the competitive edge than by gaining ISO certification? You could prove that you were as good as any one else. Once the bandwagon started it accelerated. But, has the quality of IT delivery improved since the introduction is the ISO 9001 scheme? My view is that in general it has not. There has to be a total and continuous commitment to quality and too many companies are just paying lip service after becoming certified. So the old adage of “caveat emptor” must still prevail; so let the buyer beware.

In the course of my career I have taken time off to study wine. There are many lessons to be learnt from how the wine industry applied its quality control systems. In Europe the wine industry has been governed by quality standards since the middle of the 20^th century. In 1935 the French government imposed new wine laws as part of the Appellation d'Origine Contrôlée system. This system was used to assure the quality of vine growing and the means of wine production. A similar system has been introduced throughout the European Union and it has had varying results. Suppliers clamour to get into the top quality appellation to improve their sales. In France and other countries the system was subject to much abuse. In bad years when the harvest was cold and wet and the grapes did not ripen properly there was a temptation to add sugar to the fermenting must to increase the levels of alcohol . This practice of “Chaptalisation” is illegal in most wine regions. In times of a bad harvest there was also a temptation for producers in Northern France to import, illegally, riper grapes from the south or even Italy to improve the taste or “quality” of the wine. Many consumers could not tell that their red Burgundy was in fact adulterated with wine from the south of France. At one time the whole French system was in danger of completely losing its reputation. In the 1980’s there was a scandal involving Austrian wines when some unscrupulous producers added industrial based glycerol to the wine to improve the sweetness and the feel of the wine in the mouth. This scandal nearly broke the back of the Austrian wine export industry. Governments were forced to act to improve standards and independent testing. It is only in the last ten years or so, however, that the French authorities have actually tasted the wines as a measure of quality control. Whilst the more stringent measures have lead to a general improvement in quality, it is the force of the market that is really pushing up the level of quality in Europe. Wines from the new World where there are no government imposed standards are making big inroads into the traditional export markets of France, Italy and Spain. This is happening at the lower end of the market, but some American and Australian wines at the high end are now beginning to compete on equal terms with the top wines of Europe. Despite what it says on the label and whether the wine production is subject to quality controls or not, you are best advised to taste the wine for yourself before you buy a case. There is still a lot of bad wine on the market which is fit only to be poured down the drain. Once again let the buyer beware; a lot of poor quality wine which is not worth the money has been certified by the authorities.

A similar situation prevails in the market place for other products and services. A clean bill of health, as certified by an approved ISO 90001 auditor, does not guarantee that that the customer will get what he expects: that is top quality. The certification programme only ensures that a supplier adheres to procedures to deliver a pre-specified product or service. The auditors do not test the final product or service against a market standard. I repeat there is no guarantee that the customer will receive top quality.

From a marketing point of view being approved by a body such as the International Standards Organisation can be very important. Most customers see this is as being a guarantee of a superior product or service. It is a good selling point. However, many suppliers are only paying lip service to quality assurance. The customer must make his own efforts to ensure that the supplier is genuine and not just relying upon a certificate. Often it is better to have the courage to trust your own judgement about who can deliver the right level of quality for your business.

What is the customer to do? The IT industry in many respects is a special case. It is delivering products which have no physical being. It also delivers service. It is difficult for the customer to pre-judge the quality of the final outcome. You can taste a bottle of wine to decide if it suits your needs before you buy a case. You can test drive a car. When you buy software you can perform a proof of concept exercise to give yourself some assurance that the software will meet your basic needs but this can be long winded and expensive process. Once you have bought the software you will probably have to modify it and the software supplier will need to provide design, programming and implementation services. If your supplier is ISO 9001 certified, it does not mean that you will be guaranteed top quality performance. When you commit to a new IT project it is often difficult to back out or it is perceived to be too expensive to replace a supplier who does not come up to expectations. But, if you make the wrong decision and employ people who are not up to standard you face a bottomless pit to throw your money in. It is so important that you apply common sense and hard headed decision making when selecting a provider. Do not allow the fear factor to enter into the equation and satisfy yourself that you have selected the best supplier just because of an ISO certificate. You do this at your own peril. You must be fearless and trust your own judgement. As part of the due diligence process you must assure yourself that the supplier genuinely wants to serve the common purpose of both you as the customer, and the IT industry in general. You should also interview the staff who will be deployed on the project to ensure that they are capable of doing a good job and know how to adhere to the highest industry standards. Above all, seek out the independent opinion of other customers. A supplier who does not have ISO certification may fit the bill better than one who has, so have the courage to select wisely. IT projects are too expensive to be allowed to fail because of a lack of due diligence on the part of the customer. To rely, solely, an ISO certificate is simply not good enough.

When I need new tyres for my car or it needs to be serviced I go to my local garage just down the road which provides a high quality of maintenance at a favourable price. I checked them out with my friends before I used them and on the first few occasions when I visited I verified their work. I trust them to do a good job but they are not ISO certified. They are professionals and their customers know it. Why pass on the extra cost, of becoming certified, to the customer when you do not need to?

I always use my local garage. However, when I am on the road and get a puncture I go to KwikFit as I know they will do a good job but they can proudly display their ISO certificate on the foyer wall too.

Incident Management

Most medium sized and large companies deploy "Incident Management" systems to record errors and failures in the daily operations of their IT systems. In fact the recording of errors and deficiencies has become almost routine. Incident management has become an accepted part of information technology or information services. There is now big money to be made in providing organisations with incident management software and services. This is a big waste of money and resources because a large number of incidents should not be occurring in the first place. Incidents should be reduced to enable simple "pen and paper" administration. An incident should be a very rare exception not a regular occurrence.

I do not expect many people to agree with me, but if you have so many errors and deficiencies that you have to deploy specialised software and services, to administer them, then something is seriously wrong. There has been a failure in some or all of the following: the original definition of the business requirement, the analysis and design of the system, the design of the man machine interface, training ,education and testing. In other words you have a big quality control problem. You might also need to need at your quality assurance.

I recently read some incident management procedures which included twelve categories of errors. This is almost farcical.

Incident management systems do nothing , of course, to fix the basic problems . They do, however, divert the attention of management from resolving the real failures. Organisations become buried underneath the statistics relating to problems which should not exist in the first place. This is all a symptom of gross inefficiency.

The original promise of Data Processing or Information Technology was to improve business administration: to improve the work flow and reduce errors to a minimum or eliminate them altogether. We could then free up human resources for decision making and creative activities. This should have been achievable if we had used our brains to critically examine work processes and the methods by which we analyse , design , program and test IT solutions.

Correcting something that has gone wrong is much more expensive that doing the right thing in the first place. In other words prevention is better than cure. It is time for all organisations to do something about it.

Humanity in Management

This week the Commission on Improving Dignity in Care for Older people made a report that made recommendations to improve the care of old people in hospitals and the British National Health Service. Even though the commission was given a rather pompous name it raised some strong points. One of the most important of which is that older people are not treated with the respect, compassion and dignity that they deserve. Despite all the controls, management procedures and checklists extant in modern organisations something has gone wrong.

I posit that amongst all the controls and checklists we have forgotten our humanity and people are being treated like the computers that control our lives. A computer could not care less how you converse with it or treat it for that matter. It is just a machine that should be serving the will of the humans that created them. It is a tool which can make an organisation run very effectively if used properly. But when the machine is misused to create unnecessary bureaucracy it can clog up the "oxygen system" of the administration to create mindless systems which serve little or no purpose.

This is not just happening in the National Health Service and the caring professions it is happening everywhere. It is as if the system is being run by people who as so burdened by bureaucracy they have forgotten their humanity. It is time to re-educate ourselves and set an example to the very young in our schools of the importance of putting people first and the machine second.

We need to solve these problems not just by imposing further rules about how we talk to one another but how we act towards one another. Let the human beings be treated as sentient beings and the computers be treated as just machines and not the masters which are there to control us. Information Technology could then free all of us up to lead healthier and more constructive lives.

Paying lip service to improvements by trying to control the language we use will not really help. I would quite happily swap being called an "old boy" for a first class health service that met my needs. Action first followed by the niceties of politeness. You are what you do not what you say.

Checklists, Procedures and Drudgery again

Young people do not come into the IT industry with the intention of following checklists and procedures which make their life a drudgery. There is obviously a need for standards when analysing, designing and implementing computer systems. For some reason, however, the IT industry is being coming more and more bureaucratic and is concerned more about controlling the people than the work. This is leading to a "long hours" and "do everything at the last minute" culture, which is stifling creativity, critical thinking, productivity and problem solving efficacy. No wonder our young systems designers and programmers are bored, disaffected, tired and overworked when a crisis crops up. And, unfortunately, the crises are now occurring too often.

Why can we not encourage a working environment where young people are allowed and encouraged to think for themselves within the parameters and limits of proven standards of working? If everyone one understands the engineering principles behind good IT practice they will then be able to act more responsibly. We as managers would then be able to delegate authority and responsibility to project team members to allow them to control their own work within the confines of a good project plan and in full co-operation with their fellow workers. Every one will then be part of a well organised team which knows what to do without being restricted and hidebound by too many unnecessary rules, check lists and processes. This will then be the route back to high quality delivery, high productivity and a healthier working environment for all. We might start enjoying ourselves at work again.

Check Lists, Procedures and Drudgery

I have spent a considerable amount of my career designing procedures for best methods of operation. Before computers were widely used it was important that clerical or manual methods of operation operated at optimal cost effectiveness. When computerisation was in its infancy we often conducted studies to compare the cost of the manual operations against computerisation. We delayed automation if it was more expensive to computerise an operation . This is not the case today but it might be educational to make such comparisons; even now.

I am surprised that we have not made further advances in removing paper from our computer procedures which still rely upon manual operations to a greater or lesser extent. The technology is certainly good enough, now, to completely automate many procedures. For instance, whilst it is possible to settle a credit card account by arranging a variable direct debit to clear the whole outstanding amount, it is not so easy for the customer when they want to settle a lesser amount. I am surprised that a decision based system has not been developed to allow the customer complete flexibility on an automated basis.

Manual operations still need to be used in spite of it being feasible to completely automate some business operations. And it looks as if this will be the case for the foreseeable future. The man machine interface, therefore, needs to made as efficient as possible by the use of effective procedures. But tight procedures quite often cannot cope with the out of the ordinary situation and militate against flexibility.

All organisations now have such tight procedures and checklists, which are used to control the man machine interface, that they deny flexibility to the human operators. This is apparent when you 'phone a call centre. As long as you are calling about a routine request the operator, at the other end of the 'phone, is able to cope adequately. If, however, you are making a call about a matter which falls outside of the rules or checklists, that govern the behaviour of the human being, the procedure often falls down. Often the call centre clerk then is unable to answer a request or enquiry as they do not know what to do. Even a supervisor might not be able to deal with events which fall outside of the system rules. It is, as if the human beings themselves have become "robots" who cannot cope outside of the check lists and pre-ordained processes. Systems designers and back office managers should take this into account when organising the work. The staff should not be treated as if they are automatons, and they should be allowed and encouraged to think for themselves so that they can become problems solvers. At little bit of creativity should be allowed to creep back into the system for the sake of both the customers and the workers.

Automated systems give us the opportunity to take the drudgery out of repetitive work and free us all up to do something more creative than just push buttons.

Further to the Feasibility Study

I was involved in two very interesting feasibility studies for a major American International Bank many many years ago.

For the first, the Bank was faced with applying Composite Rate Tax or Withholding Tax to the accounts of retail customers. I was the IT representative for the feasibility study and we also used some hard headed business managers. We calculated the cost of providing an automated solution and implementing it. We also calculated the cost of implementing a manual solution. We also considered the disruption to other projects. During the study the question was asked, what was the Bank doing in the business of retail banking? We quickly concluded that the best solution was to close the accounts of the few retail customers that the Bank had. It was simply the cheaper option and made sense from a business point of view. The customers were encouraged to open retail accounts with a British correspondent bank. The cost of the feasibility study was minimal and we were able to concentrate on the business and IT aspects of implementing our Global International Banking system.

For the second, the business was interested in automating the re-investment of funds which appeared on the Bank's books as a result of the errors of other Banks. This was a large sum of money even on a daily basis and there was profit to be made from re-investing money which was in error whilst the back office traced the rightful owner of the funds. I performed a feasibility study to decide whether it would be economic to completely automate a solution but at the time there were technical difficulties which made complete automation too costly. I recommended that we shelved the the solution pending future technical improvements. Two years later I was at a meeting where the issue was raised again and an IT colleague produced my report : it was now technically possible to go ahead with the proposals. The business made some calculations that it was also economic to proceed so we went ahead.

These two examples show how a good feasibility study can be used to good effect to produce cost effective and beneficial results.

The Feasibility Study

It is very difficult to complete a very good feasibility study. You are confronted, quite often, with inadequate business information to assess the value of a proposed new system or modification.

The feasibility study is all about evaluating the the proposed business benefits against the cost of their delivery. A new system should be able to deliver an adequate return on investment. The study should also examine the technical aspects of a proposed new system as it may not be possible to deliver the promised business benefits from an operational, throughput or timing point of view.

It is relatively easy to marshal and gather all the facts regarding the cost of implementing a new system or modification and it also easy to be tempted to ignore or reduce the cost of an item if it does not support the financial case. This temptation should be resisted strongly as no organisation is done a favour if the cost of a change outweighs the financial benefit.

The real difficulty comes in calculating the financial benefits as you are often operating in a vacuum. It is extremely difficult to even calculate productivity savings let alone the reduction of staff costs. It is more difficult to assess the financial benefit of improved customer service or a potential increase in market share or intangible benefits such as improved competitiveness.

Many management experts still apply the Pareto principle or the 80 20 rule when gathering management information: that is 20 percent of your time is used to obtain 80 percent of the information needed to make your decision. Therefore, it may not be cost beneficial or even possible, in a reasonable amount of time, to get to the 100 per cent certainty that you have gathered all the facts to make an objective decision.

Business managers, therefore, are acting more often than not upon sound judgement, instinct and intuition as much as the evidence gathered from facts. When assessing the business case experience, common sense and hard headed thinking are needed. Unfortunately most of this cannot be learnt from a text book or a prescribed list of procedures. You have to have the courage to trust your own judgement and operate fearlessly.

The decision makers must include business managers and clear thinkers who are able to critically examine all financial and operational proposals and tangible or intangible benefits. The decision makers must weed out understated costs and overstated benefits. They should also consider the implications of cost and time over runs.

Doing feasibility studies to recommend the most beneficial approach have been the most interesting and most difficult tasks that I have attempted in my career.