Saturday, July 6, 2013

Compliance with the ISO (International Organization for Standardization)

ISO(International Organization for Standardization) is a body that sets standards and specifications for products, services, and practice to help companies deliver good quality products to the consumers. And because the standards are developed through global consensus, they allow for a smoother international trade.

In Japan, ISO is called 国際標準化機構, and many Japanese companies strictly observe the standards set by ISO. In a 2011 survey conducted by ISO, there were around 61,770 ISO-accredited companies in Japan. The certifications included are ISO 9001, ISO 14001, ISO/IEC 27001, and ISO 5001.

Our company carries an ISO 9001 certification, which is a set of standards designed specifically for quality management. It defines the internationally recognized standards for developing software products that will, in theory, satisfy the needs of the clients. According to the Japan Accreditation Board (日本適合性認定協会), as of July 5, 2013 there are 38,515 ISO 9001-accredited companies in Japan for all industry sectors. In the IT sector, there are 1,500 ISO-accredited companies - the company I'm currently working for being one of them.

ISO 9001 introduces a process-based approach to quality management. This process-based approach places importance on performing quality check in every stage of the system development process. In a process-based approach, the output of one stage serves as input to the next stage, therefore, if there are loopholes in the predecessors, one cannot expect to deliver good results.

In order to make sure that a company is able to satisfy the needs of their clients, the ISO 9001 divides quality management into 4 stages: identification and understanding of clients' needs(企画の品質), planning(設計の品質), development(製造の品質), and support and maintenance(サービスの品質).

The terms I used are different from the ones shown in this diagram, but they are closer to how we actually execute the process in our company.
Simply put, in order to create products that will satisfy the needs of the clients and conform to international standards, thorough quality assurance checks are necessary in every stage of the development process. (I used "development" process, which usually refers to the software development stage itself, but in this case, I will use it to refer to the bigger picture, which includes management). The detailed process of quality management for each stage, including the documentation, is contained in the ISO 9001, but unfortunately, you have to buy the standard in order to implement it.

After doing my research about all of these, I came to understand why our company recently performed an organizational restructuring - it was all to comply with the 4 stages defined above. The company now has a section dedicated for each of the stages and this change is expected to make management smoother and easier.

I belong to the "development section" (開発課) so with regards to how conforming to the standards set by ISO has affected our performance, I can only speak from the software development point of view. I cannot go into a very detailed description, but basically, the software development stage is divided into smaller units, each of which requires proper review and documentation. 

Now, I cannot stress enough how important documentation is in software development. It provides grounds for evaluation, and serves as valuable reference. In our company, we create both program-level and user-level documentation. Reviews of the program documentation itself are conducted before and after the source code is written, thereby preventing loopholes that may arise from lack of planning and understanding, and making sure that the final product will be able to meet the clients' needs. The test cases and patterns are also reviewed and evaluated for thoroughness and accuracy. Meanwhile, the user-level documentation is written in a way that will be understandable to the normal, non-IT person, which are the clients.

All of the above are part of the ISO 9001, to which our company is trying to conform. We undergo regular inspection at least twice a year, and the results are announced so that everyone knows how the company fared in terms of protecting and following the standards.

In my opinion, conforming with the ISO standards has brought me ease with my work. Being a foreigner working in Japan, cultural differences and language barriers pose a big challenge to smooth communication. But with standards to follow, the language may be different, but we know we are talking about the same thing, we understand what we are supposed to do and how we are supposed to do it.

Of course, no one ever said that the standards set by ISO should be followed to a tee - companies can improvise and expand the basic guidelines to suit the nature of their business. What the ISO wants to achieve is to be able to provide companies all over the world with guidelines that will help them create products and services that will be deemed "high quality" no matter where in the world they are used.


1 comment: