Current affairs: Mike Lynskey's personal view on issues that really matter to installers
Regular readers of this column will know that I have always been one of the most vociferous opponents of using ISO 9000 Quality Management certification as a yardstick to measure alarm companies. QM is, and always has been, a good management tool for organising and streamlining larger business and maximising profit margins.

For the smaller company, whilst there is a lot to learn from the QM system, I am not convinced that it should be made a condition of trading or a yardstick by which to judge a company ... and definitely not the quality of it's installations.

Over the years I have come across some requirements placed upon alarm companies in the name of QM that have been unreasonable to say the least ... just bloody daft if you want my honest opinion. I always quote the instance of the alarm company that ( ten years ago) introduced QM and ended up with a monster of a traceability procedure, a classic example of doing the right thing and getting it wrong. The company was buying in a nice new PIR detector at a giveaway price of £8 (10 years ago that was cheap).

As a delivery came in, each PIR was taken out of its box and a sticker placed on it bearing a unique serial number. The number was entered in a logbook along with the date received, delivery note number and supplier written alongside. The PIR was then replaced in its box and placed on the shelf. When it was finally needed the PIR was taken from the shelf, removed from the box, the serial number located and the date, the job number and the address of the installation site was recorded alongside the serial number in the logbook. The PIR was then replaced in the box and taken to site.

From the consultants point of view I have no doubt that the system was perfect, but when the company actually worked out the cost of the time spent doing the procedure, the PIR actually cost around £20 - not so cheap any more. Actually in a perverse sort of way the system paid off, the cheap PIRs turned out to be roughly the same quality as a load of parrot droppings and they all had to be taken out and replaced with better quality units. At least they knew exactly where each unit had been fitted and when. The irony of this was that when NACOSS was called in to audit the system the procedure was thrown out as unsuitable.

In the early days of ISO 9000 (BS5750) the people in our industry had little or no experience of the scheme so consultants had to be called in. The consultants (who were not from our industry) saw a blank piece of paper on which to write their own variation and so every principle was employed, every "T" crossed and every "I" dotted. Most of them were sincere in what they suggested but perhaps you will forgive me for being cynical in thinking that a minority of them also saw a licence to print money. The result was that from the early days I have heard many horror stories like the one earlier. But times change, we learn more and if we are bright enough we adapt.

Long, drawn -out procedures
During my last days at the SSAIB I was sent on an auditor's course for ISO 9000 and it opened my eyes. Lately I have had an opportunity to look over the shoulders of the NACOSS inspectors as they do the actual audits, and what I have seen is a vast improvement on the old ways. In the old days a non-security industry consultant would have a company doing all manner of unnecessary, long drawn out procedures just because they were in the quality standard.

Over recent years, as the inspectors and the participating companies have gained a better and deeper understanding, the procedures have been streamlined and reduced to what is now a good useful management system. It makes you check and double check all along the line to ensure that nothing is left out or forgotten and time is not wasted by going back and correcting. How many times have you forgotten to order things in or take things with you when a simple list would have prevented it? I rest my case.

If you go for a QM system make sure it’s not from a security industry ‘outsider’

Now, there is a new updated standard, ISO 9001-2000 and, by all accounts, it is far better than the old one. For a start it is more flexible and the need for documented procedures is less specific. Some parts of the new standard are not always relevant or needed so they can be left out. Other sections have been improved no end.

The new standard asks us to be more aware of customer requirements: does it do what it is supposed to do and is it right for the customer? It asks us to be pro-active: don't wait until the customer complains, go out and ask if the customer is happy and, if not, why not? Remember, some customers do not complain, they just take their business away leaving you scratching your head, so why not find out before you lose the next customer? To hell with the QM – we should have been doing this many years ago!

Reviews and audits have always been a requirement but a lot of companies just ticked off the boxes without further thought when they should have been thinking "Why am I doing this?", "Is this the best way?", or "Can I find a better way?" The new standard brings self analysis into the picture pushing you towards self improvement. How many of us measure and analyse our quotation success rates, or our installation and service procedures? Not many I think. I have heard installers say "I haven't time for all that." Can I offer another old saying: "I'm too busy working to earn money." Think about it, it's not as daft as it seems.

The real situation is that if they did measure and analyse they might just find where they are wasting time and money, it is a simple equation – measurement and analysis leads to increased performance and a reduction in time wasted which equals more profit and more spare time.

All in all, the new standard is designed to make you take a pace back and look at the way you do things, something we should have been doing years ago. In fact, the ISO 9000 scheme is developing from what some people (myself included) saw as a "pain in the posterior" administered with a large hammer (like the bung in a barrel), into a useful and viable management tool that even a small company can benefit from; provided you get the right people in to administer your QM program.

There is a rising tide of security companies particularly in the guarding sector claiming to have got an industry suitable ISO 9000 QM scheme when they have not. Often this is not a deliberate attempt to defraud the public, they have just got their QM from people who are not wholly familiar with the trade who introduce procedures that are inappropriate to the industry, and (even worse) sometimes leave out industry specific procedures that need to be in.

It sounds confusing, but there is a simple comparison that will make sense: Imagine that you need driving lessons. Which school do you go to. The expensive one in the High Street or the one who works from home? There is no set answer, either may be suitable. But you wouldn't go to a HGV school or a bus drivers' school – unless you didn't know the difference. There lies the problem: QM has popped up in recent years and companies are still in the process of finding out and making mistakes by asking the wrong people to solve their problems.

ISO 9000 is developing from what some (myself included) saw as a pain in the posterior to a useful management tool ... even for small companies

With driving there's no cheap alternative to a government testing authority. But with QM it is a different story, the examining or testing (known to us as certification) is "licensed" out to private industry for a very good reason ... Because QM can be applied to any company in any industry, certification needs to be done by people with a working knowledge of that industry. If people with no industry working knowledge do the certificating then there is a possibility that basic procedures are under-emphasised or too much emphasis is placed elsewhere. We need to get the right people doing the right job.

What about the competency of the testers? The government sanctions an examining board for the testing of driving examiners, making sure they are testing properly. For the QM scheme the government supports UKAS (United Kingdom Accreditation Service) to oversee the Quality Management Certification Bodies.

If we decide to install a QM system we have to employ a Consultant (the equivalent of the driving instructor) to help us . This consultant can't give you the accreditation or certification (the driving licence). For that you have to call in a Certification Body (driving examiner). In our industry NACOSS is the recognised one for the installation companies. NACOSS has been "tested and examined" by UKAS to prove that they are doing the job properly, so everybody is happy.

Or are they? Because of the general lack of understanding by our industry (and a lot of other industries) certain parties have decided to hop on the bandwagon and offer a cheap alternative. You may have had a glossy circular in your post offering an ISO 9000 Quality Management system for less than £1000 – complete with a certificate. It sounds wonderful and the answer to your prayers, but is it?

All-in-one instruction and testing!
The driving equivalent would be for me to set up the Mike Lynskey driving and testing school. I can offer to teach you to drive anything from a moped to a chieftain tank, and then provided you can get your desired conveyance from point A to point B without mowing down a few lampposts, parked cars and the little old lady walking her dog, I can offer you a licence to drive. Unfortunately, on the QM front it is quite legal.

The problems only appear when you get done for speeding and you flash the Mike Lynskey driving licence at the speed cop. He will point out that your licence is totally invalid and you may as well use it as a swipe card and your nether regions as the reader. The same goes for the unofficial QM scheme. It looks fine until you try and get it past someone who knows better. Unfortunately not everyone knows better, so to some extent you can fool a few customers, but when it gets as far as the insurance companies or bigger businesses you might as well revert to using your QM certificate as a swipe card.

The real confusion comes with the "broad spectrum" certification bodies that are fully accredited by UKAS so no one can doubt their ability or integrity. However, there is much concern within the industry that getting your QM accreditation from a non-industry related body may lead to a non-specific QM scheme that is possibly not in your best interests. The man coming to audit your QM scheme may have been doing a supermarket or a steelworks last week so does he know enough about your trade to be sure that you have all the right bits in place?