Evolution of Management System Certification: An overview

. This chapter addresses the Management System Certification. The history of ISO and its evolution from MIL-Q-9858 to currently known as ISO 9000 has been discussed. We’ve also explored how the actual need for quality was discovered and how it led to the formulation of various sector-specific standards. Further, in this chapter, we’ve discussed various ISO Standards and we’ve also mentioned the primary benefits of being ISO certified. This chapter also covers the pre-requisites for procuring a certification and the comparison of India with the rest of the world. Finally, this chapter summarises sectors where a lot of work still needs to be done.


Introduction
The application and certification of Management Systems International Standards, such as ISO 9001 and ISO 14001, has attained great global recognition with more than one million organisations with their Quality Management Systems certified worldwide. The basic concept of ISO 9000 that is Quality Management System is more than three decades old. It was never anticipated that it would end up being adopted by more than one million organisations in over 180 countries when it was introduced. The diffusion of ISO 14000 though not that dramatic but has been adopted by almost five hundred thousand organisations worldwide. This figure has crossed all the past anticipations [1][2].
The widespread acceptance of the very concept of third-party certification owes to the success of ISO 9000 and ISO 14000. After that, several other standards have emerged, Food Safety Management IS/ISO 22000, Information Security Management IS/ISO/IEC 27001, Medical Devices Management IS/ISO 13485 being some of them. We might view the global adoption of ISO 9000 and ISO 14000 that standards are a success. Still, various reports and research studies, newspaper articles and individuals directly involved with the activity reported a wide range of experiences concerning their effective implementation.
Some of the benefits attained include increased sales, improved access to the international market, cost reduction, better communication with the provider, and improved staff morale. The widespread adoption, including by many leading firms worldwide such as Bentley, Chrysler, DHL, DuPont, Fiat, Samsung, Nestlé, Royal Dutch/Shell, and many more, suggests that many firms do see benefits. Illustrations of positive experiences abound. The CEO of Samsung commented that they have achieved "operational benefits and effectiveness" with ISO 9000 certification. DuPont reports that ISO 9000 and ISO 14000 provide "a reliable source of confidence in [their] supply chains." The International Maritime Organization (IMO) recognises the positive impact of ISO 28000 standards on supply chain security. At the same time, the Wrigley Company acknowledges the positive impact of ISO 22000 on its supply chain food safety. Simultaneously, the ISO 9000 and 14000 standards have been the subject of strong criticism: certified firms are said to adopt the standard in a ceremonial fashion and auditors are portrayed as biased profit-seeking entrepreneurs [3].
The rest of the chapter is structured in this manner. Section 2 discusses the history and evolution of the management system. How it rooted from Quality Assurance to Integrated Management System is also described too. Section 3 discusses the Global standards published by ISO. Further, in section 4, we discuss the primary benefits of the Management System. Section 5 tells us about the procedure for acquiring an ISO certification while Section 6 deliberates upon ISO's scenario in India vis-à-vis world. Section 7 presents the concluding remarks.

Management System
A management system is a set of guidelines, progressions and measures used by an organisation to certify that it can fulfil the tasks required to achieve its objectives. These objectives cover many facets of the organisation's manoeuvres, including financial success, safety operations, product quality, legislative and regulatory conformance and worker management.

The History of Quality Management
Modern-day Total Quality Management has its' origins during the Second World War. The generally acknowledged founding father of TQM is W.Edwards Deming. An American statistician, he made a significant contribution to quality improvement in the United States through statistical process control (SPC). He introduced American engineers in particular to the concept of SPC and pioneered scrap reduction and general quality improvements in materials for the American war efforts. However, his reputation for Quality improvement was established in post-war years when General D. Douglas Mc Arthur was invited to help the war-torn Japanese economy in its reconstruction efforts.
His Views on quality were accepted with enthusiasm in Japan, and the Japanese 'Quality Revolution credits him'. The principal theme of his philosophy was the reduction of product manufacture variability with the emphases on statistical monitoring and control. If one compares Japanese goods of the 1950s and present-day Japanese goods, the difference is quality is largely due to Deming's influence.
A second 'guru', Dr Joseph Juran, achieved equal fame in helping the Japanese instil quality into their production facilities. His definition of quality ---'Fitness for use or purpose '---is perhaps one of the most widely quoted definitions of all. He placed great emphases on the need for the good management and 'human element' of quality to be developed, alleging that system controlled by management caused at least 85% of the failures in any organisation [4].
While these two thinkers were heavily influencing Japanese attitude, economies took a different course back in the west. More and more emphases were placed on Quantity rather than Quality in the post-war years' economic growth. By the 1960s, however, Quality awareness was beginning to show. A growing consciousness of the consumer characterised this decade in the quality of products.
Meanwhile, in Japan, the Quality revolution was gathering pace. By the 1980s, western economies were shaken when traditional Western products were suddenly overwhelmed by high-Quality Japanese imports. To remain in business, the west was forced to reassess quality. By 1990's most economies started to some in terms with Total Quality. More enlightened employees also started realising that TQM represented market strategies and perfected systems and a combination of technical know-how and effective use of people. Thus, the concept of Quality Management system was conceived.

Background of Quality Management System
The first attempt to standardise was made in the United States of America wherein MIL-I-19858, and MIL-I-45208 were used as quality systems specification and inspection standard, respectively in the defence contract. These two specifications were the ones which formed the bases for a series of three standards designed for NATO use. These were called allied quality assurance publications (AQAP). Despite its membership of NATO, The UK did not accept AQAP standards and released its three specifications, which were called defence standard or DEF. STANS. In the DEF.STANS, the UK introduced some requirements of design to the quality systems. Though, later on, AQAP standards were allied with DEF.STANS and finally obsoleted.
A need was felt to adopt quality systems standards in industries. The solution for this was finally put forward in 1979 with the official publication of BS 5750. The international standards organisation (ISO) committee under Canada's chairmanship later worked to produce a series of international quality system standards in 1987 popularly known as ISO 9000 series of standards. The chronological evolution of the quality management system is thus shown in Figure 1 for the interested readers.

Global Standardisations and Accreditations
The key IS/ISO/IEC Standards for management system certifications are given under this subsection.

Quality Management IS/ISO 9001
ISO 9001:2015 is a Quality Management System Standard. The mother of all the subsequent sector-specific management systems standards published by ISO intended to create an efficient and functioning business operation and is focused on enhancing customer satisfaction by directly meeting their requirements controlling organisation concerning quality.
Certification of the Quality Management System is a validation from a self-regulating, competent and accredited organisation that the business adheres to the necessities of an internationally recognised Quality Management System Standard [5]. The following diagram shown in Figure 2 explains the evolution of ISO 9001.

Environmental Management IS/ISO 14001
ISO 14001:2015 aids the organisation accomplish and continually improve its environmental performance through more efficient use of resources and reduced waste, which ultimately leads to gaining a competitive advantage and trust of stakeholders. Its implementation helps the organisation detect, manage, observe and regulate their environmental issues in a holistic manner. Certification for this environmental management system is an operative means to attain credibility. Certification to ISO 14001 helps attain market access in areas where a good reputation associated with environmental awareness is important and where effective environmental management is a standard for being accepted as a provider [6]. The development of ISO 14001 is showcased with the help of Figure 3.

Food Safety Management IS/ISO 22000
ISO 22000:2018 is a certification for Food Safety Management System standard where an organisation establishes its capability to control food safety hazards to certify that food is safe for human consumption [7]. Its implementation is considered a strategic decision for an organisation. It helps to comply with the applicable statutory and regulatory requirements, identifying the risks associated, ultimately improving its overall food safety performance [8]. ISO 22000:2018 is valid to all types of establishments, regardless of size, which is involved in any facet of the food chain [9]. The highlights of the ISO 22000 are depicted in Figure 4.

Occupational Health and Safety Management OHSAS 18001/IS 18001 /IS/ISO 45001
OHSAS 18001/IS 18001 was initially designed to help industries control occupational health and safety threats for better performance based on BS8800:1996 (Guide to Occupational Health and Safety Management Systems). It addressed identifying risk at the workplace and methods to control and implement them, which would ultimately lead to fewer accidents, reduced downtime and less revenue loss [10].
ISO 45001 is an ISO standard for OHSAS published in March 2018, based on OHSAS 18001 which includes some additional elements to BS OHSAS 18001. It aims at proposing requirements for an occupational health and safety (OH&S) management system, with supervision for its use, to enable an association to proactively advance its OH&S performance in avoiding injury and ill-health [11].
ISO 45001:2018/ OHSAS 18001:2007 are parallel running management systems for the operational environment and safety comparable to what is used for quality assurance within a corporation [12].
By 31 st March 2021, ISO 45001 will completely supersede OHSAS BS 18001/IS 18001. The evolution of ISO 45001 is displayed in Figure 5.

Information Security Management IS/ISO/IEC 27001 ISO/IEC 27001:2005 is a requirement for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an
organisation's information risk management processes. This certification protects information from a wide range of threats, thus keeping the business continuity ensured. According to this certification, ISO 27001 was established to provide a model for founding, applying, functioning, monitoring, revising, preserving and refining an information security management system [13]. The chronological developments of ISO 27001 are narrated in Figure 6.

Energy Management IS/ISO 50001
As we all know, energy is one of the most important requirements of a country's technological progress. Energy Management is thus, a global concern. Managing and reducing energy consumption help in mitigating climate change as well as enhances the corporate reputation. Energy Management system aims to maintain optimum energy utilisation and minimise the cost of energy and mitigating environmental effects [14]. ISO 50001 is a corporation level certification based on a standard issued by the International Organization for Standardization (ISO). The certification necessitates usage of an energy management system with a key purpose of using energy more professionally. The standard is established on a management system model of persistent improvement, similar to some other common ISO standards. The certification demands a corporation develop an energy policy, achieve goals to meet the policy, consume data to meet goals, measure policy efficiency, and repeatedly make developments to the policy [15]. The evolution of ISO 50001 over the years is shown in Figure 7.

Security Management ISO 28000
ISO 28000 is an international standard for Security Management System which reports the necessities of a Security Management System (SMS) for the supply chain. This standard has been specifically developed for logistics companies and organisations that manage supply change operations [16]. The supply chain is an essential requirement for organisations involved in the International supply chain, especially those having to comply with stronger security from customs or rivalries [17]. With ISO 28000, the association can determine if suitable security measures are in place and protect their assets from various threats [18]. The development of ISO 28000 over the years has been showcased in Figure 8.

Medical Device Management IS/ISO 13485
ISO 13485 is an International Standard for Medical Devices Quality Management System which permits organisations to validate their ability to deliver medical devices and related facilities that constantly meet customer and regulatory requirements [19]. This standard applies to organisations involved in medical device manufacturing, design and expansion, storage and supply, installation or repairing of medical devices and associated activities, irrespective of size or business type. Its implementation improves the performance of products and processes involved, leading to a reduction in cost, more faith to the customer using the device, and increasing sales [20]. The evolution of ISO 13485 is shown in Figure 9.  Adventure tourism is one of the fastest emerging industries in modern days, and without apt safety measures, it could be a tragedy to human life & reputation. The above standard monitors the best practice in the business, concentrating on hazards associated with it.
With its implementation, organisations can reduce accidents and risk being sued for negligence, leading to a reduction in insurance premium. It also helps in the growth of adventure tourism and preserving the environment and culture [21].

Anti-Bribery Management IS/ISO 37001
Standard 37001:2016 for anti-bribery management systems is an international standard published by ISO in 2016. The standard postulates necessities and guides establishing, executing, sustaining, revising and improving an anti-bribery management system (ABMS). This is an important move considering the continued prevalence of bribery and corruption globally, particularly in developing countries like India. It is widely understood that legislation alone cannot curb bribery and corruption unless accompanied by other measures such as framework, policies and guidelines [22].

Road Traffic Safety Management IS/ISO 39001
ISO 39001 is an ISO certified management system for road traffic safety whose purpose is to minimise the number of severe and mortal accidents. Governments need the support of regulations and guidelines to take action on the matter of road safety. ISO 39001 also has a communal role: safer mobility and the necessities of the standard bring security benefits for the whole society. According to the world analysis of accidents, it was approximated that more than 1.2 million people die in Road Accidents every year. The sole purpose of publishing this certification was to make guidelines that spread traffic discipline and minimise road accidents [23]. The main focus of ISO 39001 has been highlighted in Figure 10.

Education Organisations Management System ISO 21001
ISO 21001 is an International Standard for Education Organisation Management published by the ISO in 2018. It intends to help educational institutions to meet student requirements and needs. ISO 21001 is based on ISO 9001.
Education, as we know, is a fundamental requirement for every member of society. Thus, everyone is somehow concerned about the quality of education they get. ISO 21001 Certification enables the organisations to provide educational services efficiently and offers a personalised experience to all the learners.

Benefits of Management System Certification
The primary benefits of being ISO certified are discussed below:  The organisation has an objective proof that it attaches great importance to quality and gets everything audited regularly by internal and external auditors. This commitment increases assurance in the organisation.  The organisation can accomplish higher operating productivity. It is believed that every organisation that considers Management Systems as an essential part of their business operations generally achieves higher operating efficiency than those that do not.  A certified Management System increases the quality of the manufacturing organisations' and service providers and raises awareness amongst the employees.  A certified Management System makes sure that clear processes and communication structures, responsibilities in the entire organisation. This, therefore, increases the involvement of employees, thereby improving the working atmosphere and reducing work pressure.

Procedure for Certification
For getting certified, the organisation first has to develop and document its production processes, with the correct implementation of all procedures to ensure that it maintains the Quality Standards. The essential steps involved to get ISO certified are:  Firstly, the organisation needs to identify its core business processes and document them with its employees' help. Then the documents are reviewed, approved and distributed among the officials who need access to them.  The organisation then makes sure that the procedures that are mentioned in the documentation are being followed correctly. It also ensures that the employees are trained properly and that the effectiveness of the processes is being monitored. Then a review is done, and the required improvements are made.  An internal audit is conducted by the organisation where the processes are reviewed, employees are interviewed, the records are checked, and the strengths and weaknesses or Management System are noted to require corrective measures.  Lastly, an appropriate auditing body is selected for external registration, the Management System documents are submitted to them for review and to ensure that they comply with the applicable standard. The external auditor then reviews the system and checks whether systems requirements are being satisfied and if the Management System is implemented or not.

The scenario of ISO Worldwide and in India
ISO has been conducting a survey every year and analysing the status of all the standards throughout the world. According to the latest survey of 2019, the comparison of various standard certifications between India and the World, followed by the comparison of India with the leading industrial nations. These are provided in Figure 11(a)-€. Fig. 11 (a). Comparative study of ISO certificates issued in India concerning the world. Comparison of Certificates issued Worldwide and in India Fig. 11 (d). Comparative study of ISO certificates issued in India concerning China. Fig. 11 (e). Comparative study of ISO certificates issued in India concerning the USA.

Conclusion
The chapter provides a comprehensive overview of the Management System. It addresses the journey of Management System from Quality Assurance to the current scenario. Apart from ISO 9000 which has been implemented worldwide, the other management systems which lacks popularity are quite useful for the organisations need to be implemented with the same spirit. The organisations are required to be made aware of going for sector-specific Management System instead of ISO 9000. Like the food industry one should opt for Food Safety Management System and Education sector should implement Education Organisation Management System. Due to huge corruption throughout the world implementation of Anti Bribery Management System should be made mandatory by various governments. Similarly, the Road Traffic Safety Management System's implementation would help reduce fatal accidents around the world.