INTRODUCTION of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

In an effort to produce quality software, ACT complies with key standards applicable to the pharmaceutical industry.  These standards that govern pharmaceutical software include:

·         General Principles of Software Validation; Final Guidance for Industry and FDA

·         EudraLex Annex 11-Computerized Systems

·         Code of Federal Regulation-Title 21-Part 11- Electronic Records, Electronic Signatures

·         Guidance for Industry: Computerized Systems Used in Clinical Investigations

While these standards provide guidance on how to perform validation and record keeping activities, there is little emphasis on the development of a structured Quality Management System (QMS).  This is not surprising as the concepts of a QMS and existing QMS standards were written from a manufacturing perspective during World War I & II when Information Technology (IT) as an industry was non-existent (Yadav, Kumar, & Kumar, 2014).

As an IT company, ACT represents one of the fastest growing business sectors over the last two decades. With the increase in global competition and the safety critical nature of such technology solutions, customers are increasing their expectations for quality software.  There are a variety of mechanisms that can be used by ACT and other IT companies to improve overall software quality which include the International Organization for Standardization (ISO) process standards, the Malcolm Baldrige Award, the Capability Maturity Model (CMM), and Six Sigma (Yadav, Kumar, & Kumar, 2014). While all of these mechanisms can offer a means to define and improve quality, many customers require documented evidence such as a certification.   To meet the customer expectations for quality software that can be demonstrated, the preferred mechanism for an IT company would be achieving an ISO 9001:2015 certification.  

ISO 9001:2015 is a single standard in a series of quality management standards relating to the development and maintenance of an organizational QMS. First published in 1987, ISO 9000 set out to establish a global set of minimum requirements to be used to improve quality systems across many industries.  ISO’s main focus was and continues to be, raising the satisfaction level of customers by achieving the highest level of quality.  ISO standards define set requirements enabling organizations to develop effective management systems to meet the needs of their customers.  In the initial publication, ISO 9000-1:1987 was comprised on three universal quality models that were further defined in the following process standards (Popovic, 2015):

·         ISO 9001:1987-focused on design, development, production, installation, and servicing and basis for ISO certification

·         ISO 9002:1987-focused only on production, installation, and servicing without design

·         ISO 9003:1987-focused only on final inspection and test without design or production

This set of process standards were initially only used within the manufacturing sector however throughout the 1990’s, as recognition of ISO certification began to gain popularly, the focus of ISO certification shifted into other industry sectors including IT (Namara, 2009).

            Over the years, ISO process standards have evolved based on feedback from technical committees, advisory groups and stakeholders who have implemented the standards within their organization.  On September 23, 2015, ISO released its fourth edition of ISO process standards with included significant changes to the ISO 9001:2015 standard, Quality management systems—Fundamentals and vocabulary (BSI, 2015). The newest release of ISO 9001:2015, focused on creating a QMS model that could be interpreted across other international management systems standards.  Risk based concepts were incorporated and the focus shifted from stringent line item requirements to performance based requirements. This new version of the ISO process standard did however retain its core principles of “Plan, Do, Check, Act” which are incorporated into the ISO requirements.  The 2015 set of process standards including previous revisions are defined as (SGS, 2016):

·         ISO 9000-defines the vocabulary and fundamentals of the ISO 9000 series

·         ISO 9001-defines requirements for ISO certification and consolidates the requirements of ISO 9002 & 9003 that were once separate process standards

·         ISO 9003-guidance document on sustaining organizational objectives

In addition to the above cited process standards, ISO had previously published ISO 9000-3 which is a guideline document to help IT companies interpret and apply ISO 9001 within their organization.  ISO 9000-3 consists of 22 separate clauses that are grouped into three major sections which define a quality system framework for computer software. This companion guideline is intended to be used as a tool to interpret the ISO 9001 process standard but is not considered an auditable standard for certification purposes (Oskarsson, 1995).  The above cited process standards and ISO 9000-3 define the established requirements and needed guidelines set forth by ISO to achieve certification.

 ISO 9001:2015 is the specific process standard of which all industries, including the IT sector, would be audited against for certification.  ISO 9001:2015 defines a subset of clauses that must be met for certification purposes. Clauses 1-3 provide users with a high level scope of the process standard, key references and also definitions.  The remaining subset of clauses define the QMS principles that must be adhered to in order to obtain ISO certification.  This subset of clauses include (Cianfrani, & West, 2015):

·         Clause 4: Context of the organization-requires organizations to define the expectations of all relevant parties including internal stakeholders and customers and define processes to meet these needs

·         Clause 5: Leadership-focuses on the development of a quality policy to align the strategic direction of the company and define management oversight for the implementation of the QMS

·         Clause 6: Planning-discusses risk based decision thinking and defining opportunities to improve product quality and customer satisfaction

·         Clause 7: Support-requires organizations to determine and ensure resources are available to support the QMS

·         Clause 8: Operation-defines the requirements for establishing the operational aspects of the QMS including customer communication

·         Clause 9: Performance evaluation-refers to the method for monitoring and measuring the effectiveness of the QMS from a customer perspective

·         Clause 10: Improvement-focuses on the selection and identification of improvement opportunities to meet customer requirements and improve overall customer satisfaction

The above listed clauses found in ISO 9001:2015 cover organizational activities necessary to provide goods or services per customer specifications.  Each of the defined ISO clauses have a customer based focus and drive towards improved customer satisfaction levels overall. By implementing the requirements of a QMS as prescribed in ISO 9001:2015, IT companies can build a foundation for a QMS to promote the highest level of software quality.  Productivity will increase and rework on design and development efforts will decrease as work will be done right the first time.  By improving the quality of its software, IT companies will also achieve increased customer satisfaction.

 Statement of the Problem of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

The fourth edition of ISO 9001:2015 was released on September 23, 2015. This version of the ISO 9000 process standard, much like previous versions, defines a set of requirements which enable organizations to develop effective management systems to meet the needs of their customers.  By implementing these requirements, IT companies can build a foundation for a QMS to promote the highest level of software quality.  Implementation of the ISO 9001 requirements and achievement of ISO certification will allow IT companies such as ACT, a means to ensure product quality and increased customer satisfaction levels.  By not implementing a QMS and obtaining ISO certification, IT companies are at risk of losing repeat business as customer satisfaction levels decrease.

 Purpose of the Project of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

The purpose of this research paper is to familiarize readers with the ISO 9000 process standards, more specifically ISO 9001:2015 standard as it would pertain to the IT industry. In addition, evidence based surveys will be used to demonstrate a correlation between a QMS, ISO 9001:2015 certification, and customer satisfaction. Based on survey results, recommendations for ISO certification preparation will be provided within the Results and Discussion section of this document.

Theoretical Bases and Organization of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

This paper builds upon existing quality management principles and ISO 9001 requirements set forth by ISO. Additionally, perspectives from companies who have obtained ISO certification will be incorporated as a basis for discussion. ISO implementation recommendations will be derived from common QMS practices within the pharmaceutical industry.

Limitations of the Project of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

The fourth edition of ISO 9001:2015 was published in 2015 and has been in circulation for just over three years. Because this is a newly released version of the process standard, it is unclear how the IT industry worldwide will be affected by the significant changes set forth within this version. Implementation of a QMS and ISO certification has proven to be difficult for the IT industry based on the stringent line item requirements defined in previous versions of this standard (Oskarsson, 1995).  The recent changes in ISO 9001:2015 may increase or decrease the popularly of ISO certification within the IT industry, however the impact of the changes will not be known for some time. Additionally, the customer’s perception of the changes may alter the perceived value of ISO certification within the context an organization and have less impact on customer satisfaction levels overall.

Definitions of Terms of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

ISO 9001:2015- Per ASQ “the requirements for a QMS that organizations can use to develop their own program” (ASQ, 2018). 

Quality Management System-  Per ASQ “A quality management system (QMS) is a formalized system that documents processes, procedures, and responsibilities for achieving quality policies and objectives” (ASQ, 2018). 

Relevant Studies of a Mechanism to Increase Customer Satisfaction Levels within an IT Company

                Before assessing the relationship between a QMS, ISO certification, and customer satisfaction, it’s important to determine the relevance of this certification within the IT industry.  In 2017, the ISO conducted its annual survey to determine the number of valid ISO certifications worldwide.  Individual accredited certification bodies were contacted to report how many valid ISO certifications they have issued by industrial sector (refer to Table 1).  The data shows that certifications within the IT sector has risen significantly with the initial valid certification count at 5,826 in 1998, as compared to 33,664 valid certifications in 2017.  The IT sector is now the 9^th highest certified industrial sector worldwide.  This data would demonstrate that ISO 9001 certification is very much relevant to IT companies (International Standards Organization, 2017).

Table 1

Number of ISO Certifications in the IT Sector

In 2006, the Independent Association of Accredited Registers (IAAR) was interested in understanding customer perceived benefits of ISO certification.  Survey participates were asked to identify reasons for obtaining ISO certification and also the gained benefits of which were achieved (refer to Table 2).  Based on the results, participates identified seven key benefits of which they felt the organization realized from their current certification. Of these, 57% of respondents indicated that “improved perceived quality” was the greatest benefit of ISO certification.   The next highest reported benefit was “improved customer satisfaction” at 55%. The remaining reported benefits were “competitive advantage” (36%), “reduced customer audits” (31%), “increased market share” (11%), “quicker time to market” (4%) and “other” (9%). Based on these survey results, it can be concluded that there are many benefits of ISO certification, however better quality and improved customer satisfaction are still the main drivers for obtaining certification (IAAR, 2006).

Table 2

Reported Benefits of ISO

In 2010, ISO’s Technical Committee 176 sponsored a world-wide survey of 11,722 users of the ISO standards.  The focus of this survey was to better understand the perspective of ISO users and identify areas of the standards that could be more relevant in the future.  Survey respondents were asked to identify the key factors that influence their decisions for obtaining ISO certification (refer to Figure 1).  A total of 36% survey respondents said that customer satisfaction was the main influence for obtaining ISO certification. In addition, 28% reported that ISO certification was a client mandate.  Based on these survey results, it would demonstrate that the majority of respondents (64%) obtain ISO certification to meet the overall needs of their customers (International Standards Organization, 2011)

Figure 1–Factors for Achieving ISO Certification; Provided by International Standards Organization

            In a 2016 survey sponsored by QMS International, survey respondents representing  various industry sectors, were asked questions relating to the achieved benefits of ISO certification within their organization (refer to Figure 2).  Survey respondents identified a total of eleven benefits however 76% of respondents reported ISO certification brought them improved quality management processes.  Not surprisingly, 53% of survey respondents also reported that ISO certification increased overall customer satisfaction.   Within the IT sector specifically, 3 out of 4 survey respondents reported increased customer satisfaction as the greatest benefit to ISO certification (QMS International, 2016).

Figure 2–Achieved Benefits of ISO Certification; Provided by QMS International

                       The 2017 ISO survey demonstrates a significant increase in the number of certificates issued to IT companies and shows a perceived value within the IT industry.  Survey results also show that implementation of ISO 9001 and achievement of certification does increase customer satisfaction levels.  It can be concluded however, that the ISO certificate itself is not the sole reason for increased customer satisfaction levels but rather the implementation of an organizational QMS to fulfill the requirements of the ISO standards.  By implementing a QMS, IT companies such as ACT, are able to provide goods or services per customer specifications, thus increasing customer satisfaction overall.

Results and Discussion of a Mechanism to Increase Customer Satisfaction Levels within an IT Company

            Cited surveys confirm that customer satisfaction levels are directly related to implementation of a QMS and achievement of ISO 9001 certification. Within an IT company, implementation of a QMS can be seen as document intensive and therefore a hindrance to the design and development of software products (Oskarsson, 1995).  The following recommendations (refer to Figure 3) will describe measures that can be used to meet the ISO 9001 requirements while ensuring design and development activities within an IT company remain at optimal capacity.

Figure 3-ISO Preparation Steps

                      Initial preparation steps begin with the identification of the associated processes based on input and outputs of IT service solutions.  Organizations should create a process diagram to define the main quality and operational processes within the organization. Recommended processes specific to the IT industry can include (Popovic, 2015):

·         Quality Systems-defines the quality processes needed to meet the objectives per ISO requirement

·         Service Delivery-defines operational processes for the management of customer orders

·         Contract Management-defines the operational processes for the initial bid defenses and pricing on ordered work

·         Purchasing-defines the operational processes for third party vendor management of materials and support services

In the creation of the process diagram, organizations should also consider those internal stakeholders and customers who may have input into each process. By creating a process diagram organizations are defining the context of the organization (Clause 4), establishing a planned QMS (Clause 6), and defining set requirements for key operational activities (Clause 8).

                 Once the process diagram is established organizations, must then define how they will organize their processes within a QMS framework. This will require organizations to create a document hierarchy of which the processes will correspond to.  A common hierarchy often used within the manufacturing sector that can be applied within the IT industry is as follows (Pharmout, 2016):

·         Quality Manual-defines the hierarchy of the QMS the overall responsibilities, resources, operations, customer interactions, and quality processes

·         Policies-high level interpretation of international standards and business decisions describing why something is being done

·         Procedures-defines the who, when, where and the next tier steps taken in response to policies

·         Work Instruction – describes the how, what and the specific steps to perform functions set out in the policies and procedures

·         Lists/Forms-used to capture data/information as a result of output from processes 

By defining the framework of a QMS, organizations are establishing the foundation of which identified processes within the process diagram will be written. This step further helps organizations define the context of the organization (Clause 4) and establishes demonstrated leadership from top management (Clause 5).

                 The next step is to write the needed documents that describe the main processes defined in the process diagram. This can be achieved in a number of ways through the use of standardized templates purchased online, use of existing documents in place, or developing a new set of document templates specific to the company.  It is also important in this step to define any exclusions from the ISO requirements that would pertain to the IT industry.  Referencing ISO 9000-3 is one way to identity these exclusions and ensure compliance to the requirements. The ultimate goal of this step is ensure that there are processes in place to meet both the quality and operational requirements set forth within each clause.

                 The final step in preparing for ISO certification is to perform an internal audit against the ISO requirements. To do so, organizations should develop a checklist of all ISO clauses, define how a particular requirement was met, and also define if the requirement was excluded and why (refer to Table 3).

Table 3

Example of ISO Audit Checklist

Any requirements of which were found to be non-compliant would require a reassessment by top management to determine next steps. By following the prescribed steps defined above, IT companies will be able to achieve ISO 9001 certification while ensuring design and development activities remain at optional capacity.                                                                                     

Discussion and Summary of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

 Per ASQ, a QMS is a “formalized system that documents processes, procedures, and responsibilities for achieving quality policies and objectives” (ASQ, 2018).  QMS principles and existing standards were written from a manufacturing perspective during World War I and II (Yadav, Kumar, & Kumar, 2014).  While these principles were common within the manufacturing industry, it wasn’t until 1987 that ISO published its first edition of ISO 9000. This series of quality management standards defined a set of requirements to achieve an effective management system.  Throughout the 1990’s the ISO series and certification grew in popularity and soon became a universal standard across many industries including the IT sector (Namara, 2009).

In September 2015 the fourth edition of ISO 9001:2015 was published, incorporating risk based concepts that could be utilized within other international management system standards.  The focus of this latest edition continued to be raising customer satisfaction levels by achieving the high quality goods and services.  The requirements set forth in ISO 9001:2015 are divided among a subset of clauses and define the QMS principles that must be adhered to achieve certification. The clauses require organizations to determine their processes at an operational level, identify methods for performance monitoring and improvement, and establish a context of the organization with a focus of leadership and support functions (Cianfrani, & West, 2015).

Implementation of the described QMS requirements set forth by ISO 9001:2015 have often been seen as document intensive and a hindrance on software design and development activities (Oskarsson, 1995).   Additionally, with global competition and the critical nature of software products used for clinical trials today, customers are increasing their expectations for quality software and ISO certification (Yadav, Kumar, & Kumar, 2014).  Recommendations on the achievement of ISO certification within an IT company can be broken down into four defined phases to assure optimal operational capacity. These phases include 1) the creation of a process diagram, 2) defining the framework/method of the QMS, 3) writing the needed processes, & 4) performing an internal audit. By implementing these steps, IT companies can achieve ISO certification, ensure product quality and increase customer satisfaction levels overall.

Areas to be considered in further research would include a comparison of ISO 9000-3 against ISO 9001:2015. As a companion guideline ISO 9000-3 is not structured in the same manner as ISO 9001:2015 and it would be helpful to users to understand any key gaps with the two standards.  Additionally, it would be important to understand if there is a perceived value in maintaining ISO 9000 certification after the initial certification period is over. Because of the cost incurred by certification activities, IT companies may find the establishment of the QMS is enough to maintain customer satisfaction levels.

Conclusions on A Mechanism to Increase Customer Satisfaction Levels within an IT Company 

ISO’s main focus for the development of the ISO 9000 process standards is to raise the satisfaction level of customers by achieving the highest level of quality.  By taken the appropriate preparation steps, IT companies such as ACT, can meet the requirements set forth in ISO 9001:2015 and achieve ISO certification.  This certification will enable IT companies the ability to develop a QMS framework, promote improvements in overall software quality and increase customer satisfaction levels overall.

References of A Mechanism to Increase Customer Satisfaction Levels within an IT Company

ASQ. (2018) What Is A Quality Management System (QMS)?—ISO 9001 & Other Quality Management Systems. Retrieved from http://asq.org/learn-about-quality/quality-management-system/

BSI. (2015). ISO 9001 Whitepaper-A history and future of ISO 9001. Retrieved from

https://www.bsigroup.com/LocalFiles/en-GB/iso-9001/Revisions/Whitepaper-the-history-and-future-of-ISO-9001.pdf

Cianfrani, C.A., & West, J.E., (2015). ISO 9001:2015 Explained-Forth Edition. Milwaukee: Quality Press.

IAAR. (2006). IAAR Customer Satisfaction Survey 2006-1. Retrieved from

http://www.iaar.org/IAARCustomerSatisfactionSurveyResults-2006.htm

International Standards Organization (2011). ISO 9000 User Survey Report. Retrieved from

https://www.iso.org/tc176/sc2/ISO9000UserSurvey

International Standards Organization (2017). ISO Survey 2017. Retrieved from

https://www.iso.org/the-iso-survey.html

Namara, S. J. (2009). Do Companies Value Maintaining ISO 9000 Certification? 2009 Case Study of 41 US Companies First Certified in 2000. Masters Thesis & Specialist Project. Paper 143. Retrieved from http://www.digitalcommons.wku.edu/theses/143

Oskarsson, O. (1995). An ISO 9000 Approach to Building Quality Software. Retrieved from http://www.oskarsson.se/useful_info/ISO9000/Ch0.htm#Contents

Pharmout. (2016). How to implement a Quality Management System: Whitepaper. Retrieved from http://www.pharmout.net

Popovic, T. (2015). Getting ISO 9001 Certified for Software Development Using Scrum And Open Source Tools: A Case Study. Technical Gazette 22, 6(205), 1633-1640. doi:10.17559/TV-20140704180948

QMS International (2017). ISO 9000:2015 Client Survey 2016. Retrieved from https://www.qmsuk.com › ISO 9001 Client Survey Results 2016

SGS. (2016). The Route To ISO 9001:2015-Avoiding the Pitfalls. Retrieved from

                https://www.sgsgroup.com.hk/-/media/global/documents/brochures/sgs-cbe-the-route-to-iso-9001-2015-lr-a4-en.pdf

Yadav, M., Kumar, S. & Kumar, K. (2014). Quality Standards for a Software Industry-A Review. IOSR Journal of Computer Engineering (IOSAR-JCE), 2, 87-94