qualitaet-header-blog-dqs-bunte bausteine

Knowledge of the organization in ISO 9001 - What does the standard say?

Frank Graichen

Expert for ISO 9001 Quality Management
May 31 , 2023
# Quality management requirements

In many cases, international standards have provided forward-looking impetus and enabled companies to build effective management systems. However, when ISO 9001:2015 finally included the topic of "organizational knowledge" in its catalog of requirements five years ago, it had already been discussed in relevant circles for 20 years - an overview.

CONTENT

As early as 1995, Hirotaka Takeuchi and Ikujirō Nonaka published "The Knowledge-Creating Company: How Japanese Companies create the Dynamics of Innovation." With this, they drew the attention - perhaps for the first time - of business leaders to the knowledge of their organizations. In the years that followed, other approaches emerged, each with a different focus and its own theoretical and practical goals. The field of knowledge management emerged in the late 1990s.

What unites these approaches is the premise that an organization's knowledge is not a given condition for corporate success. Rather, it must be fostered through appropriate structures and measures, aligned with strategic business objectives.

Knowledge of the organization in ISO 9001

In a very similar vein, the ISO 9001:2015 quality management standard revisits the topic after two decades. However, the more comprehensive ideas from some knowledge management approaches are not reflected in it. Instead, it is a rather general requirement not to lose sight of the topic and to deal with the associated risks and opportunities.

For everyday use, the associated chapter 7.1.6 "Knowledge of the organization" in ISO 9001 is the request to consider precisely this knowledge as an indispensable resource for sustainable corporate success and to take appropriate measures as a result.

DQS-Auditleitfaden ISO 9001:2015 in der Praxis

The most frequently asked audit questions and possible evidence.
More than just a checklist!

From experts in the field.

Auditleitfaden kostenfrei herunterladen

What does ISO 9001 require in detail?

The well-known ISO standard is primarily concerned with that knowledge which the organization needs "to carry out its processes and to achieve conformity of products and services". The organization must ensure that this knowledge is maintained and available. And, with an eye on possible changes, it must look at how it can acquire and make available knowledge that may be needed in the future - in addition to the knowledge it already has.

Knowledge is an indispensable resource for sustainable corporate success!

Source: DIN EN ISO 9001:2015-11 - Quality management systems - Requirements

In the two notes, which, by the way, do not have any requirement character in ISO management system standards in principle, follow, in addition to the (rather trivial) statement that the knowledge of the organization is the organization-specific knowledge, some more short explanations and enumerations, which, however, only contain generally known information.

Some considerations about the knowledge of the organization

The requirements on organizational knowledge are thus formulated in quite general terms - and abundantly succinctly at that. The impression is that the topic should indeed be included. However, standard users of ISO 9001 should not be overburdened with details. And enough room should be left for meeting the requirements - for example with regard to completeness and the level of implementation.

But even without delving too deeply into the question of what ISO 9001 means by the term knowledge of the organization, a whole range of tasks and problems can be associated with it:

  • Dismissal of frustrated employees
  • age-related departure of highly motivated employees
  • unintentional deletion of development results
  • technological progress
  • digital work
  • ...

Most of the tasks facing top management, as well as department heads and quality managers, have to do with knowledge - knowledge that you simply

  • that you simply have,
  • that you know you don't have,
  • that you don't know you have,
  • that you don't know you don't have,
  • that's just being retired.

Implicit and explicit knowledge of the organization.

It is helpful to make the distinction between tacit and explicit knowledge. When it comes to managing generational change and the associated transfer of knowledge within the company, the two types of knowledge bring with them their own requirements, some of which are quite different.

Where it is hardly possible to put 30 years of experience in dealing with customer complaints into words and pass it on, long-term planned procedures are needed. If, on the other hand, the task is to make the right machine settings, it may be enough to finally take the time to document everything thoroughly and talk it through with the new employees.

Demographic change - learning for future generations

Companies would do well to find out what knowledge they want to retain - and how they can retain it. Digging out the dusty wiki system is rarely the best solution. In most cases, it is worthwhile to use tools that are already in use. Even concise procedural instructions prevent younger colleagues from repeating the mistakes of older ones.

In principle, management systems also embody the knowledge of their organizations. This can be used to secure implicit and explicit knowledge and to update it in the further course. It is probably impossible to actually document 30 years of experience. In contrast, it is no mean feat to improve the process of dealing with customer complaints. This is everyday work in process management.

Innovation through knowledge transfer

When younger and older colleagues tackle something together, different perspectives, experiences and ideas come together: more explicit, scientifically based knowledge on the one hand, more implicit, context-specific knowledge on the other. In addition to more accurate process descriptions and better procedures, this results in new approaches and ideas - and thus the prerequisite for innovation.

In this context, the quality management system (QMS) according to ISO 9001 is primarily responsible for creating organizational prerequisites and setting initial impulses. The most relevant knowledge areas to be secured must be defined. Priorities must be set and resources released. What sets the direction here is the ability to meet customer requirements and legal requirements. Knowledge that is required for this is basically a priority. As the task progresses, enthusiasm, curiosity and drive will drive it forward and lead to success.

Digitization facilitates the use of knowledge

Even the most ambitious attempts to use the available knowledge in the organization fail because of the trivial problem of interrupting the actual tasks. Generously stocked libraries remain unused, the wiki orphaned. Successful measures take into account the preference for old habits and constant deadline pressure. Digitization offers the opportunity to facilitate access to knowledge - not in separate IT systems, but in the same tools that control (partially) automated processes. To authorize the offer, only the most important information is prepared and displayed.

In more complicated cases, additional documents are automatically summarized and displayed as needed. In the future, the AI will decide which information needs to be displayed to the employee at all. Which information the AI uses in turn, and why it decides this way, remains hidden. Companies that (will) apply similar methods and use AI as a knowledge carrier should therefore consider right at the start how they will secure the AI's tacit knowledge and continue to use it when the next update is due.

Secure knowledge early - recognize risks and opportunities

The same advice applies to humans as knowledge carriers. Companies are already considering the associated risks and opportunities in the areas of workforce planning, recruitment and workplace design. Critical functions are double-staffed, with slightly different job roles. Offices are designed in such a way that new colleagues are involved right from the start when overlapping tasks are involved. Alternating task sharing, internal training and appropriately documented work methods do the rest. In such details lie many risks, and many obvious opportunities to leverage the organization's knowledge.

Our reading tip: Also read our blog post "Risk-based approach in ISO 9001".

Implement requirements on the organization's knowledge

Understanding the requirements in chapter 7.1.6 as a call to action means identifying these and other risks and opportunities and finding simple, smart solutions at all the different places where knowledge is an issue. And it means using knowledge at all these points for the comprehensive tasks of quality management.

DQS-Auditleitfaden ISO 9001:2015 in der Praxis

The most frequently asked audit questions and possible evidence.
More than just a checklist!

From experts in the field.

Auditleitfaden kostenfrei herunterladen

Knowledge of the organization in ISO 9001 - Conclusion

ISO 9001 has long left "knowledge of the organization" to the left, although the topic has been discussed among scientists since the mid-1990s of the last century. And even the new requirements in chapter 7.1.6, which were included in the ISO standard with the major revision of 2015, only touch on the subject.

Standard users are therefore required to make their own considerations as to which knowledge is needed at which points in the company today and tomorrow in order to reliably achieve the goals set or the intended results of the quality management system. The focus should be on the following considerations, among others:

  • How can the necessary knowledge be retained in the company?
  • How can new knowledge be gained?
  • What expertise is critical for the future?
  • What influence does demographic change have on the company?
  • What influence do topics such as innovation and digitization have?

Ultimately, it is worthwhile - with a view to the topic of "risks and opportunities" - to allow the topic of organizational knowledge to already flow into personnel planning, for example, and to take it into account comprehensively when making decisions.

DQS. The Audit Company.

The German Society for the Certification of Management Systems (DQS) was founded in 1985 by DGQ (Deutsche Gesellschaft für Qualität e.V.) and DIN (Deutsches Institut für Normung e.V.) as Germany's first management system certifier.

We are the only major certifier to focus on management systems and processes. Thus, we have been playing a pioneering role for many years. In 1986, for example, DQS issued Germany's first certificate according to ISO 9001, the world's most important standard for management systems. Since then, the history of DQS has been closely linked to the history of ISO 9001.

DQS. Weil Audit nicht gleich Audit ist.

Do you have questions about the certification of your quality management system according to ISO 9001? Find out more. Free of charge and without obligation.

Anfrage senden

Expertise and trust

Please note: Our articles, audit guides and other content are written exclusively by our in-house management system experts and auditors of many years' standing. If you have any questions for our authors about the content, please contact us. We look forward to talking with you.

Author
Frank Graichen

Standards expert and long-standing DQS auditor for ISO 9001 with diverse activities as a passionate keynote speaker, sought-after trainer, moderator, and author of publications on standards and management systems.

Any Questions?

We are here for you.
Contact Us