Why did ISO9000 come about? I think it addresses a problem of lack of trust in the corporate world. Its main purpose is to raise (someone’s) confidence in the ability of an organization of human beings to deliver value to some other organization. Such confidence is needed prior to entry into formal agreements and commitments to allay fears. It is a problem of scale, as well. If I need a licensed plumber, I might ask my neighbor for a recommendation, because I trust my neighbor to give me an honest opinion. If I have a small company, as I grow I can get more customers by using existing customers as references. But suppose I am a large corporation with government contracts requiring high levels of security and privacy? How do I get new customers? I have to develop marketing and public relations, since customer references are no longer useful.
ISO9000 is a form of marketing. It is a strategy for building confidence in one otherwise unknown party by another. It may succeed at some level at that goal. But it is a goal of manipulating perceptions, not one of producing good products. Good products still have to be produced, even where there is ISO9000. And good products can be produced where there is no ISO9000. ISO9000 is primarily about creating the perception of the ability to produce goods, not about actually doing this. It is about creating a feeling of trust, prior to the existence of any material basis for it, just like my feeling of trusting the new plumber before he or she does the job for me.
Another dimension of trust, or lack thereof, comes from managerial culture. Managers by definition do not produce the goods. Workers do that. Unless managers know what their workers do, i.e. have direct experience of quality work done in the past, they have no basis for trust of their workers, other than the standard credentials of education and experience, the basis on which workers are hired. ISO9000 can thus be wielded as a weapon of command and control. In place of trust, managers can impose “processes” on workers with the premiss that rules, if followed, will lead to a good product. Instead of trusting workers, the managers can get a similar feeling of confidence that the customers get from having ISO9000 in place.
To summarize: ISO9000 arose to address some of the lack of trust issues inherent in the contexts of inter-corporate and intra-corporate social structures. It presupposes lack of trust and substitutes feelings of confidence that can only be confirmed (or not) at the end of the product delivery cycle with the establishment of trust based on history.
The important point is not to confuse a feeling of trust based on a marketing strategy with trust based on outcomes. Yes, ISO9000 purports to measure the outcomes. But how well does it succeed at that measurement and how well can that measurement be trusted? Some people easily believe whatever they are told. Others need to be convinced by experience. Which type of person are you?
For an overview of ISO9000 try Wikipedia
Whenever I want to learn about some philosophy, such as ISO9000, I make a point of finding some credentialed critics of it. The British author, John Seddon is a noted critic of ISO9000. You can read a summary here.
His book “Freedom From Command and Control” is available on Amazon: