internal-page-background-header.png

Organizational knowledge in ISO 9001:2015

organisational-knowledge

One of the areas included in the Final Draft of the ISO 9001 revision (ISO/FDIS 9001:2015) is 7.1.6 Organizational knowledge. The stated requirement is:

"The organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services."

In fact, a recent article by Arun Hariharan makes the point that it seems to be the only clause that is completely new and has no equivalent in ISO 9001:2008.

It's part of the Resources section, and shares a space with People and Infrastructure, so it is clearly seen as important. As it stands, however, it's a vague and very non-prescriptive requirement. You could un-pick it such that the organization needs to demonstrate that its knowledge is:

  • Maintained
  • Made available / shared
  • Used
  • Linked to organization's objectives

However, it doesn't offer any suggestions, let alone rules, as to how this might be achieved. It should not be a great challenge for any organization to declare compliance.

The 'glass-half-full' here is that Knowledge Management has started to appear in ISO 9001. The 'glass-half-empty' is that it is so very high-level in its stated requirement. It's barely even a guideline.

That leaves the way clear for the perpetuation of a tendency to pay lip-service to the business-critical nature of organizational knowledge. As one leading expert on search technology has put it:

"Organisations know that information is a business-critical asset but pay little attention to ensuring that the information that has been expensively created by an employee is then discoverable by anyone else in the organisation that has a need for it." -- Martin White (2014)

It feels like there is a very wide chasm between the ISO/FDIS 9001:2015 requirement and better/good practices as seen by Information Management professionals. They know from their data and experience how important it is. For example, a 2011 AIIM survey found that the productivity of professional staff would be improved by 30% if they could find internal information and documents as quickly and as easily as they find information on the Web (Capitalizing on Content: A Compelling ROI for Change).

Not everyone in an ISO 9001 certified organization is necessarily an information worker, but a lot of them are. A 2012 IDC survey showed that overall 9.8% of their time was wasted on non-productive activities (e.g. searching for, but not finding documents). That would equate to adding the time/resources of nearly ten extra staff for every hundred people in the organization (Bridging the information worker productivity gap).

If you work in the interface between Information Management and Quality Management, as we do, there is an extra responsibility to worry about "Findability" and organizational knowledge in the corporate workplace. It is because a 2014 AIIM survey found that 42% of those companies who currently do not have any search tools are most likely to acquire them as part of an Enterprise Content Management (ECM) / Document Management (DM) / Records Management (RM) project (Search and Discovery â exploiting knowledge, minimizing risk). One tool is acquired as a result of choosing another tool.

We have a special responsibility to build on clause 7.1.6 of ISO/FDIS 9001:2015, and promote its importance. There is a large body of work concerning topics such as:

  • Categorisation
  • Enterprise Search
  • Tagging, Meta-data
  • Auto-classification
  • Knowledge Base / FAQs

that we can call on. I plan to explore those topics in a follow-on post.

To round off this post, in the spirit of the Leadership requirements of ISO/FDIS 9001:2015 it would be prudent to remind every CEO and senior management team that they need to understand two things:

  1. Problems of information findability cost the company through waste and extra resources required
  2. Problems of information findability in their company are not primarily a task for IT to solve, at least not in the first instance.

This post was written by Paul Walsh.

Apply risk based thinking to quality processes

Tags: Document Control, ISO 9001, Enterprise Search, Quality Management, Organizational knowledge