Cost-Benefit Analysis: ROI of ISO 9001 Registration for U.S. Manufacturers

– by Dr. IJ Arora

 

For some U.S. manufacturers, registration to ISO 9001 raises one question: “Is it worth the investment?” In other words, how can an organization maximize the benefits of ISO 9001 registration and convert them to a solid return on investment (ROI)?

Analyzing ROI

A consideration of costs and benefits must be included in an ROI analysis to allow manufacturers to make good decisions about ISO 9001 registration. Calculating the value of an effective quality management system (QMS) must include integrating quality and the overall management of the organization (as seen in clause 5.1.1 of ISO 9001). This would include the costs and payoffs that create the real ROI of ISO 9001 registration.

Mere compliance to the language of the standard is not enough; what is required is that ISO 9001 registration leads to competitive advantage. The intent for any manufacturer is to boost efficiency and revenue. In this new environment, where a considerable amount of manufacturing is being re-shored to the United States, ISO 9001 registration matters more than ever. Registration to ISO 9001 is worth it if it brings a clear ROI, such as cash in the bank in the form of cost savings or revenue increases. The answer lies in understanding the ROI that comes from building a strong QMS based on ISO 9001 or other relevant industry-specific standards such as AS9100, etc.

There is no free lunch. In other words, there are costs associated with ISO 9001 registration. Therefore, manufacturers should budget for:

  • Consulting and training. Staff must be prepared to align processes with the requirements of ISO 9001.
  • System development. This may include documenting procedures, implementing software, and updating workflows.
  • Certification audits. Certification bodies (CBs) require fees for initial certification and surveillance audits.
  • Time and resources. These may include employee hours spent on training, process improvements, and audits.

Costs vary depending on company size and can run from tens of thousands of dollars for small factories to much more for large, multi-site operations. The good news is that the benefits of working systematically using a process-based management system (as per clause 4.4.1 or ISO 9001) drive the ROI as the system implementation reduces waste and other production inefficiencies.

Although there can be significant upfront costs, the benefits of ISO 9001 registration often compound over time. These can include operational efficiency with streamlined processes which reduce waste, downtime, and rework, leading directly to lower production costs. Customer confidence and market access improve as the manufacturer consistently produces confirming products and services. Many U.S. manufacturers find ISO 9001 and/or relevant industry-specific standards to be a “ticket to entry” for bidding on contracts, especially in sectors such as automotive, aerospace, and military/defense.

Reducing Risk

Documented processes and corrective action systems reduce the likelihood of costly failures or recalls. Employee engagement improves, resulting in highly motivated teams working within clearly defined roles. Appropriate training oriented toward competency (as seen in clause 7.2 of ISO 9001) reduces errors and boosts productivity. Continual improvement is an added benefit of ISO 9001 as the implementation of the standard promotes a culture of ongoing improvement, helping companies stay competitive in fast-changing markets.

Calculating the ROI of ISO 9001 registration can be assessed by comparing costs against measurable gains such as:

  • Reduced scrap/rework = cost savings
  • Improved on-time delivery = fewer penalties and more repeat orders
  • Access to new markets/contracts = increased revenue
  • Enhanced reputation = long-term customer retention

Example: If a manufacturer spends $50,000 on registration but reduces rework costs by $80,000 and gains $200,000 in new contracts, the ROI is clear and compelling.

Then there is the real-world impact. Studies consistently show manufacturers that achieve ISO 9001 registration experience:

  • 5–15% cost savings from efficiency gains
  • Revenue growth due to market access
  • Improved customer satisfaction scores, leading to stronger long-term partnerships
Final Thoughts

Initially, ISO 9001 registration may seem like a simple expense. But when viewed as an investment, the ROI to be found in ISO 9001 registration becomes clear. It brings definite improved efficiency, stronger customer trust, and measurable financial gains. For U.S. manufacturers competing in global markets, the payoff often far outweighs the cost.

The above article was recently published in an Exemplar Global publication ‘The Auditor’.

Building a Quality Culture: The Role of Leadership

-by Dr. IJ Arora

When the leadership at a U.S. industrial plant makes the strategic decision to roll out certification to ISO 9001, their first instinct is often to focus on documentation, audits, and procedures. They start by looking for a consultant who often (for quick money) provides a template. That is the start of misery for an organization.

A Better Way To Begin

The “As-Is” of the management system should be the start of this process. What has been developed over the years should not be forgotten or lost! The truth is that no checklist or manual can build a true quality culture. The secret ingredient in implementing ISO 9001 is the involvement of leadership in developing the system. As per sub-clause 5.1 (“Leadership and commitment”), their total involvement and commitment is required, in addition to others who assist them in this role, as per sub-clause 5.3 (“Organizational roles, responsibilities and authorities”).

Why leaders can make or break ISO 9001 effectiveness is an important question, and taking positive action to do so is therefore a vital decision. Employees don’t take their cues from policies—they take them from people. If leaders treat ISO 9001 as “just another certification,” that’s exactly how the workforce will see it. On the other hand, when leadership is visible, engaged, and committed, quality stops being a buzzword and becomes a way of working. A system that has the support of leadership has the best chance to produce conforming products and services and also ensure continual improvement.

ISO 9001 makes this clear. Clause 5 (“Leadership”) puts accountability squarely onto the leadership. It’s not just the quality manager’s responsibility anymore—it’s a business-wide effort, and leaders must own it. It is leadership that matters in ISO 9001 and is an important aspect of the process.

Clause 5 emphasizes that leaders must:

  • Demonstrate commitment to the quality management system (QMS)
  • Align quality objectives with organizational strategy
  • Promote a culture of continual improvement

The View From The Shop Floor

In U.S. industrial plants, where efficiency and production targets often dominate discussions, leadership involvement ensures quality doesn’t get sidelined. Leaders act as role models, showing that meeting quality objectives is as important as meeting delivery deadlines.

When auditors look at the implementation of a management system standard like ISO 9001, they need to be able to clearly evidence what leadership involvement looks like in practice. There are numerous indicators, most of them based on ISO 9001 subclauses 5.1, 5.1.2 (“Customer focus”), 5.2 (“Policy”), 6.1 (“Actions to address risks and opportunities”), 6.2 (“Quality objectives and planning to achieve them”), and 10.3 (“Continual improvement”). To generalize these into simple language I would say these would include the following:

  • Setting the tone. A plant manager who opens every team meeting with a quality update shows that it matters as much as production numbers.
  • Walking the floor. Leaders who regularly join quality reviews or stop by the line to ask about issues send a strong signal of support.
  • Connecting quality to strategy. Instead of treating ISO 9001 as paperwork, leaders can frame it as a competitive edge, leading to fewer defects, happier customers, and stronger market position.
  • Celebrating wins. Recognizing teams for continuous improvement projects—no matter how small—builds momentum and pride.

Culture is caught, not taught. We can train employees on ISO 9001 requirements, but culture is shaped by what leaders actually do. Creating an environment of quality is a leadership accountability issue. When executives understand the value of nonconformities as the drivers of corrective action and improvement, follow procedures, welcome audits, and act on feedback, employees naturally mirror those behaviors. Over time, this creates a culture where quality isn’t “extra work”—it’s simply the way we work. It is then that the organization can go from a reactive to a proactive manufacturing entity.

The return on investment in ISO 9001 can be traced to sub-clause 6.2 and the achievement of specific quality improvement objectives. Industrial plants that embrace ISO 9001 leadership involvement don’t just pass audits. They see less rework, stronger customer trust, and a workforce that takes pride in doing things right the first time. In today’s competitive manufacturing landscape, that’s not just compliance—it’s survival.

Bringing It Forward

Five practical steps leaders can take to lead the industry may include the following:

  1. Communicating the vision. It is important to clearly articulate why ISO 9001 matters—not only for certification, but for customer trust, employee pride, and long-term competitiveness.
  2. Allocating resources. Quality initiatives fail when they’re underfunded. Leaders must ensure sufficient training, technology, and staffing to support ISO 9001 compliance. Where they cannot provide resources, they must assume the risk and adjust objectives.
  3. Engaging with the employees. This includes walking the floor, participating in quality meetings, and recognizing contributions. All of these actions reinforce that quality is everyone’s responsibility.
  4. Integrating quality into the organization’s strategy. Quality goals should not be separate from business goals. For example, reducing defects can be tied directly to cost savings and improved customer satisfaction.
  5. Leading by example. Leaders who adhere to procedures, value data-driven decisions, and embrace audits demonstrate that ISO 9001 is part of the plant’s DNA.

ISO 9001 isn’t a binder sitting on a shelf. It’s a leadership-driven culture shift, and when leaders lead the way, the entire plant follows. Just keeping the binder on the shelf is no good. It may get the organization a certificate but will not result in a positive return on investment.

Without leadership involvement, ISO 9001 may become the missing link in the success of U.S. industrial plants. Your involvement as leaders at every step of your organization matters more than checklists. You must drive the culture of change.

In concluding, I would opine that rolling out ISO 9001 in U.S. industrial plants requires more than technical checklists; it requires leadership. By committing to involvement in the implementation of ISO 9001, plant managers and executives can transform their organizations into a quality-driven powerhouses that thrive in today’s competitive market.

The above article was recently published in “The Auditor” (an Exemplar Global publication).

Keeping Your Management System ‘Ordinary’ in the Age of AI

by Julius DeSilva

We’re living in an era where every week seems to bring a new AI tool or software promising to “transform” your business. Predictive analytics, digital twins, algorithm-driven risk models; the buzzwords are endless. And while some of these advances do have their place, I argue that companies must not forget their basics. In a previous career as a mariner, as technology evolved and found their way on ships there was still some value to a simple visual bearing and the information it could give you.

Call me old-school, but I still believe in systems that are owned by people, not platforms. In fact, I’d argue that now more than ever, we need to protect the ordinariness of our management systems, because that’s where the real strength lies.

Don’t Mistake “Ordinary” for “Outdated”

I’ve worked on ships and in boardrooms, with multinationals and mom-and-pop shops. Across the board, the systems that work best are not the flashiest, they’re the ones that are understood, used, and respected. I’ve used fancy preventive/planned maintenance systems and then a simple excel spreadsheet with macros built in. Perhaps surprisingly, the company using the ordinary excel spreadsheet had better maintained equipment.

An “ordinary” system means:

  • Everyone knows their roles and responsibilities.
  • Processes are documented clearly, not buried in folders.
  • Documentation is clear and concise.
  • Records are maintained and can be trusted.

You don’t need artificial intelligence to tell you your maintenance wasn’t done. You need a culture where someone owns the task, completes it, and checks the box honestly.

When the Tool Becomes the Boss

I’ve seen organizations spend small fortunes on digital platforms that promise complete “management system automation.” These platforms often come with dashboards no one reads, workflows no one updates (because they don’t know how to), and training modules people click through just to make them go away. (Let’s be honest, you know how effective your CBT program are!)

Compare that to a simple 8D form built in Excel, yes, plain old Excel. When it’s used properly by a team that understands the process, it becomes a great tool for problem-solving. No licenses, no AI, no data scientists required.

If you’re curious, QMII’s Root Cause Analysis workshop teaches this practical approach. And it works because it’s rooted in thinking, not tech.

PDCA: Still the Smartest Loop in the Room

You don’t need AI to plan, do, check, and act. You need discipline. In a world full of reactive fixes and AI-generated insights, PDCA still calls on people to pause, observe, think, and improve. And frankly, we could all use more of that.

A well-run PDCA cycle doesn’t care whether your data comes from a sensor or a clipboard. What matters is how your team reflects, learns, and adjusts. If you want to sharpen that loop, QMII’s ISO 9001 Lead Auditor Training doesn’t just teach clauses. It teaches systems thinking, real auditing skills, and how to see the story behind the numbers.

Use AI? Sure. But Stay in the Driver’s Seat

I’m not against AI. Let me be clear on that. It’s a tool that, when used wisely, can absolutely support your management system. It can help you analyze patterns in data and generate reports that are helpful. But that’s exactly the point. AI is a tool, not the system itself, and certainly not the leader of it.

I’ve seen organizations fall into the trap of trusting algorithms more than their own people. They install AI to identify when personnel are not using PPE, to generate solutions based on data analysis and when errors occur. But no one stops to ask the most important questions: Does this make sense? Is this what’s really happening? Who validated this? Why did the person not use PPE?

The danger is that we start to mistake output for understanding. AI doesn’t know your organizational culture. It doesn’t know that one department always closes their nonconformities just to get them off the list. Only your team, using their judgment and grounded in your process reality, can make those distinctions.

If you’re going to use AI, integrate it into the PDCA cycle. Feed its outputs into your management review. Use it to inform, but not to dictate. And perhaps most importantly, teach your team to question it. Train them to ask, Where did this data come from? What assumptions are built into this model? What’s missing from the picture?

Own Your System. Keep It Ordinary.

There’s something refreshing about an audit checklist that an auditor actually helped write. Not an AI generate one. That’s real ownership. That’s engagement.

Management systems aren’t meant to be high-tech puzzles. They’re meant to be frameworks that help people do their jobs better. They are not a compliance burden, they’re a strategic asset, but only when they belong to the people who use them.

So here’s my message in conclusion: Keep your system ordinary. And make it extraordinary in how well it’s embraced and used.

The PDCA Playbook

– by Jacob Hargadon

Bio-Hacks, Money Hacks, weight loss hacks, we’ve heard it all. However, none of these hacks are successful without good planning, implementation, review and improvement. Perhaps these “hacks” aren’t really hacks, but just a means to an end.  These hacks will not be successful without an end goal in mind. Ever downloaded a fitness app? One of the first few questions you’re asked as part of “tailoring the program for you” is what your goals are.  

What I have come to learn in my time at QMII and immersing myself in the world of ISO 9001 is that the real “hack” isn’t a cold shower, investing 10% of your paycheck into a 401k or drinking green tea for weight loss. The real hack is the process that when properly implemented using a PDCA approach has the greatest likelihood of success. Using this approach has helped me improve professionally and personally and outlined below is the roadmap. 

PDCA – A cycle for success 

Since joining QMII I’ve learned a ton about ISO 9001 (no surprises here) and have grown to appreciate the value of a process-based system approach. Full Disclosure – at first, it was confusing, a bit dull, and the language used within the standard was certainly levels above the colloquial I speak. However, once the general idea of the standard was grasped, I realized that the ISO 9001 PDCA (Plan-Do-Check-Act) framework is one of the biggest life hacks out there. When you take its structure and apply it to your daily life, the results can be incredible.  

I’m not talking about memorizing every clause because that would be absolutely insane (a few of QMII SMEs have done this and they are awesome). What I am talking about is the general structure behind ISO 9001—specifically, the PDCA cycle. It’s simple, but when applied, it can transform both business performance and personal growth. If you’re still reading this, here is how it works and how it has improved my life.  

Plan  

If any of you have kids, this may very well resonate. If you’re like me and don’t have a kid, well, just imagine it’s your little cousin or something.  

Have you ever spoken to a child and had to do a deep dive into a subject? Now I know some of you are thinking “Jacob the question is more like when do I not have to…?”! To elaborate, let’s say you tell a Child that the sky is blue, and they’ll ask Why? Then you’ll tell him it’s because of light reflecting off the ocean to which he will respond why? And soon you find yourself in a physics lesson with your cousin.  

Relating it to what I do, yearly sales goals need to be broken down into quarterly goals and then a plan will be put in place to achieve these with a review being done each quarter. One of my biggest takeaways is the importance of specificity. In ISO 9001, vague goals don’t cut it—processes, objectives, and responsibilities must be crystal clear. Saying “I want to make $X per year” isn’t the same as “I want to generate $X in sales by the end of Q3”. Specificity, communicating clearly, builds accountability and provides a roadmap for effective implementation and continual improvement.  

Do  

I enjoy my job and would like to keep it. And that’s why the “do” aspect is so important not only for work but life itself. In ISO standard-based systems, organizations implement their processes; in life, we follow through on habits and routines. For me, this might mean sticking to an outreach schedule, blocking time for focused work, or simply staying consistent with the commitments I’ve made. Execution is where momentum is built. And when things don’t go as planned or I make an error it’s merely an opportunity to learn – to improve my plan for the next time. 

Check  

Depending on how I’m doing in the quarter, this is either my favorite or least favorite stage—the Check stage. Similar to ISO 9001, this is where we decide what needs to be monitored, how we’re going to measure it, and when those checks should take place. Just as organizations analyze data to see if processes are effective, I do the same in my life—whether it’s reviewing yearly sales numbers or testing a new PR at the end of a 12-week lifting program. Without clearly defining how and when to conduct an honest review, it’s too easy to drift into autopilot and miss opportunities to improve. One more thing: don’t forget to keep your documented evidence. Whether it’s your before-and-after gym photos or your sales metrics, having proof of your efforts helps you track progress, stay accountable, and make informed adjustments for the next cycle. 

Act  

Just as ISO requires management reviews, I’ve learned the value of stopping to evaluate my own progress as well as when I report data up the chain of command. Are my systems actually working? Am I closer to my goals this month than last?  

This is where continual improvement happens. Your system should not stop at identifying issues—it requires action. As such, for me, that might mean shifting my schedule once I realize I’m more productive in the mornings or adjusting my outreach strategy when certain approaches don’t land. The point isn’t just to collect data—it’s to act on it.  

At its core, ISO 9001 is about structure. And I’ve found that when I apply that same structure to my daily life, I stop just reacting to circumstances and instead build systems that set me (and my team) up for continual improvement. And this system has worked wonders in my life both professionally as well as personally.  

Concluding thought! 

Whether in an organization or in life, the message is the same: Plan with all relevant inputs, risks and clarity, Do with intention, Check honestly, and Act to improve. 

Integrating Standards for Safe Nuclear Expansion

-by Dr. IJ Arora

As nuclear energy regains attention as a low-carbon solution, organizations developing these energy sources need to consider a systems approach to the safe launch and growth of facilities. Once considered a great alternative to gasoline and coal, the nuclear energy industry’s growth was negatively affected by incidents like those at Chernobyl and Three Mile Island.

In this short article, I will attempt to convey that customer focus (clause 5.1.2 of ISO 9001:2015) is best ensured by proactive, not reactive, measures. This can be achieved through appreciating hazards, converting them to risks, prioritizing them, and planning the management system to achieve desired objectives.

Having served on a nuclear submarine and been on board when a nuclear accident took place, I know the pros and cons of this energy source. However, the world has changed since these tragic incidents and now there are advancements in not only nuclear technology but also in the management of nuclear facilities. ISO 19443:2018 a quality management system (QMS) standard built on the foundation of ISO 9001, but which is specific to the management of nuclear facilities. For those in the United States, ASME offers the NQA-1:2024 standard which is similarly dedicated to the nuclear industry.

Nuclear energy is perhaps an answer to the world’s power requirements. The demand for electricity is growing by the day with the extensive use of artificial intelligence and large data centers. A systems approach to management of this industry gives the world the best chance to appreciate risks systematically and plan for consequences proactively.

Grave negative effects to safety, security, health, and the environment are all likely consequences if a nuclear mishap takes place once again. Although the primary objective of a QMS is to get the desired output, it should not be at the cost of these potential harms.

The Three Mile Island facility is in the news once again for re-opening ahead of schedule. For those who do not remember, on March 28, 1979, a partial meltdown occurred at the Unit 2 reactor outside of Harrisburg, Pennsylvania. Environmental impacts included the release of radioactive gases into the atmosphere (albeit in limited amounts), long-term challenges in radioactive waste storage, and site contamination. Additionally, there were psychological and social effects that caused a loss of public trust in the nuclear energy industry.

As discussions emerge about reopening the Three Mile Island facility (now scheduled by 2027), evaluating its environmental effects through the lens of the ISO 14001:2015 environmental management system (EMS) is both prudent and proactive. Therefore, in the following section, I will outline the relevant applicable clauses from ISO 14001:2015.

Applicability of ISO 14001:2015 to a nuclear facility

Clauses 4.1 and 4.2, “Context of the Organization” and “Needs and Expectations of Interested Parties”

Nuclear facilities would benefit from considering:

  • Historical context (e.g., past accidents and public concern)
  • Stakeholders such as regulatory bodies, local communities, and environmental NGOs
  • Emerging media reports and public opposition or support as environmental risk indicators

Clause 6.1, “Actions to Address Risks and Opportunities related to Significant Environmental Aspects”

Considering a lifecycle approach, a reopened nuclear plant must assess:

  • Emissions of ionizing radiation
  • Spent fuel storage and long-term waste management
  • Thermal pollution from coolant discharge
  • Accident and emergency scenarios
  • And other significant environmental aspects requiring control measures and documentation

Clause 6.1.3, “Compliance Obligations”

This subclause involves alignment with:

  • Nuclear Regulatory Commission (NRC) rules
  • EPA guidelines on radiological impacts
  • International agreements on nuclear safety and waste

Clause 6.1.4, “Planning Action”

The plant must establish plans to:

  • Prevent recurrence of accidents like those of March 28, 1979
  • Contain and manage radioactive leaks
  • Mitigate environmental risks in both normal and abnormal operating conditions

Clause 8.2, “Emergency Preparedness and Response”

This subclause includes details critical for a nuclear facility and requires:

  • Detailed emergency response procedures for nuclear accidents
  • Training for first responders and public communication plans
  • Coordination with local and federal emergency management agencies

Clause 9.1.1, “Monitoring, Measurement, Analysis, and Evaluation”

To meet the requirements of this subclause, facilities must continuously monitor:

  • Radiation levels in air, water, and soil
  • Effectiveness of containment systems
  • Compliance with regulatory thresholds

Clause 10.1, “Nonconformity and Corrective Action”

This subclause would require that:

  • Any incident or near-miss must trigger a formal investigation
  • Includes lessons learned from:
    • The March 28, 1979 event itself
    • Any deviations during recommissioning or startup

A system approach to nuclear facility management

The opening (or, in this case, reopening) of a nuclear facility offers an opportunity to integrate modern management system practices with lessons learned from the past. ISO 19443:2018 and ISO 14001:2015 provide a structured framework to manage the needs of nuclear operations as well as public environmental concerns.

During my time consulting for numerous industries, I have found a strengths, weaknesses, opportunities, and threats (SWOT) analysis to be a very useful tool— especially the weaknesses and threats that help identify risks. A detailed SWOT analysis for the Three Mile Island facility might provide the following inputs as an example:

Technical and operational risks: aging infrastructure

  • Although it was not the site of the 1979 meltdown, Unit 1 is more than 50 years old.
  • Restarting involves complex retrofits, control system upgrades, and re-licensing—all of which require time and precision.
  • Rushing these checks might lead to overlooked fatigue, corrosion, or component failures.

Human factors

  • Post-incident, nuclear workforce training and institutional memory may be weak.
  • Skilled nuclear operators must be retrained or recruited, and hasty onboarding increases the chance of human error—a factor in many historical nuclear mishaps.

Environmental risks: radioactive emissions and waste

  • Restarting means handling spent fuel, coolant systems, and storage pools.
  • Hurrying these operations risks could lead to:
    • Leaks during fuel handling or containment failures
    • Inadequate radioactive waste protocols

Ecosystem disruption

  • Cooling systems may discharge thermal pollution into nearby rivers.
  • Emergency preparedness might not be fully revalidated for post-reopening conditions.

Better alternatives to a rushed restart

Although early reopening offers incentives like energy security, carbon reduction, and economic revival, these gains are precariously balanced against high-impact risks that could derail long-term viability. The strengths and opportunities may only be fully realized with a controlled, phased, and transparent approach, not through acceleration that bypasses environmental, technical, and social due diligence.

As such, organizations pursuing the development of nuclear energy plants must consider:

  • Phased reopening with public oversight
  • Third-party safety audits after at least two cycles of internal audits post implementation of the management system
  • Full-scale emergency drills and community outreach prior to operation
  • Independent environmental impact assessments (EIA)

Conclusion

The benefits of a fast reopening exist, however, the risks far outweigh short-term gains unless stringent safety, regulatory, and public engagement protocols are followed. Strategic value lies in measured and transparent activation/reactivation, not haste. ISO 14001:2015, ISO 19443:2018, and ASME NQA-1:2024 provide the framework for an integrated management system.

In conclusion, I would say a good strategy to implement and to safely accelerate nuclear energy deployment must include the adoption of a management system. ISO 14001:2015 ensures environmental responsibility and community accountability; ISO 19443:2018 drives quality, culture, and nuclear-supplier discipline; and ASME NQA-1:2024 enforces technical rigor and traceable QA processes. Together, these standards offer a comprehensive, risk-based, and stakeholder-aligned approach.

Rushing implementation without such integration would leave critical blind spots. An integrated implementation roadmap including these standards could guide the strategic and operational implementation in support of safe, controlled nuclear energy expansion.

The article was recently published in “The Auditor” An Exemplar Global Publication.

Domestic Passenger Vessel Accidents Are Preventable Using a Management System (Part One)

Dr. IJ Arora:

Think of any accident, mishap, or tragedy involving a passenger vessel through history (or in recent times) and then look at the post-event investigation report. If you do this, you will find one shortcoming common to these tragedies: a poor appreciation of risk and the practical nonexistence of a management system. Occasionally, in slightly less disastrous events, you may see the existence of a system, but it is usually poorly implemented.

This two-part article considers the domestic passenger vessel industry in the United States, where there have been several tragedies. I hope (although hope is not a plan) that this work will inspire the industry to look at the proper implementation of management systems. In trying to narrow the discussion, we will analyze and learn lessons from the 2019 sinking of the Conception and to a limited extent the 2023 fire aboard the Spirit of Boston cruise ship. I will mention a few other incidents as well to make the connection and bring out the failure of the various systems that broke down.

A systems-based approach in analyzing accidents in the domestic U.S. passenger vessel industry involves looking at the various components and process interactions that could potentially lead to incidents. This can include factors such as crew training, vessel design, regulatory compliance, maintenance practices, and emergency preparedness. However, the major factor is usually the absence of a management system (or a badly designed and/or poorly implemented one). This is a tragedy in the making.

I am studying these accidents to demonstrate how a systems approach could have helped prevent many of these mishaps. The reluctance to implement an effective management system pains me, not to mention primary investigation agencies like the National Transportation Safety Board (NTSB), the United States Coast Guard (USCG), and other responsible bodies.

Note that I am not discussing technical processes here. Yes, those often fall short of the mark as well, but the bigger issue is the failure to apply simple systematic thinking based on existing management system standards. This reluctance to work systematically surprises me. I’ve recently expressed my views on the Baltimore Bridge collapse, the implosion of the Titan submersible, the collision between an American Airlines flight and a military helicopter over the Potomac, and the Boeing 737 Max inspection failures. In all cases, I cannot understand why a simple, cost-effective action such as properly implementing a management system should be such a critical weakness within so many different organizations. It is a leadership flaw, for (as W. Edwards Deming said) “A bad system will let down a good person every time!”

Titanic and Herald of Free Enterprise

When discussing this topic, many will think back to the Titanic tragedy which goes back more than 100 years. This is of course perhaps the most well-known sinking of all time, so I will not rehash the details, which are easily available online. However, I do want to mention that events like the sinking of the Titanic create the ultimate push—it caused a reaction and, ultimately, the creation of a workable system to help save lives and the vessels themselves. Depending on owners, operators, and masters, to use their judgment and do the right thing at the time of crisis was no longer enough. What the Titanic demonstrated was that the industry needed enforceable regulations and requirements. The result was the Safety of Life at Sea (SOLAS) Convention, which formalized a systematic approach to safety.

Before studying incidents occurring in U.S. domestic waters, I also want to mention the tragedy of the Herald of Free Enterprise, which occurred on March 6, 1987, at Zeebrugge, Belgium. The Herald of Free Enterprise was a roll-on/roll-off ferry owned by the Townsend Thoresen company. On that day, the ship capsized shortly after leaving port and 193 people lost their lives. It had departed with its bow doors open, allowing seawater to flood the car deck. Within minutes, the ship was lying on its side in shallow water.

The tragedy exposed severe deficiencies in the company’s safety culture and operational practices. Justice Barry Sheen was appointed to head the official inquiry into the disaster. His report, published in October 1987, was scathing and unprecedented in its criticism of the ferry operator, management, and the broader safety practices in the maritime industry. Justice Sheen’s report identified a “… disease of sloppiness and negligence at every level of the hierarchy.” This became one of the most quoted phrases from the report. Sheen emphasized that the disaster was not due to a single act of negligence but rather a “… catalogue of failures…” including the failure to ensure the bow doors were closed, poor communication between crew and bridge, inadequate safety procedures, and the absence of proper checks before sailing.

The report placed heavy blame on the senior management, asserting that safety was not a high priority for the company. It also noted that management failed to implement procedures that could have prevented such a tragedy.

It is indeed shocking and surprising that even today, decades later, investigations reports are still pointing out these same drawbacks. Lessons learned seem to be forgotten. I particularly wanted to focus on this incident because Justice Sheen’s report was a turning point in maritime safety regulation. It directly influenced the creation of the ISM Code under the International Maritime Organization (IMO), which mandated formal safety procedures and accountability in international shipping operations.

Conception

The Conception was a dive boat that caught fire off the coast of California, resulting in the deaths of 34 people in 2019.

Investigations into this disaster revealed several deficiencies, including inadequate fire safety procedures, lack of a proper emergency escape route, and insufficient crew training. There were also issues related to the vessel’s sleeping arrangements, where most of the passengers were asleep below deck at the time of the fire.

A systems approach would emphasize the need for comprehensive safety protocols, regular training for crew members, proper vessel design for evacuation, and effective regulatory oversight to ensure the robust implementation of safety measures.

Spirit of Boston

This incident involved a fire that broke out on the dining cruise ship Spirit of Boston while docked in 2022.

The fire was linked to a potential electrical malfunction, but it highlighted issues related to maintenance practices and emergency response protocols.

By applying a systems approach, stakeholders could focus on root cause analysis, looking into how maintenance schedules, crew training, and emergency responses are integrated and managed.

Overall recommendations for the systems approach

There are several important elements to consider in favor of the systems approach, as follows:

  • Interdisciplinary collaboration. Promoting collaboration among various stakeholders, including regulatory bodies, ship management companies, and safety experts, to share information and best practices
  • Root cause analysis. Encouraging investigations that go beyond the immediate causes of accidents to identify systemic failures that could contribute to unsafe conditions
  • Regular training and drills. Implementing continuous training and emergency drills for crew members to ensure readiness, competence and enhance situational awareness
  • Maintenance and safety protocols. Establishing stringent protocols for vessel maintenance and safety checks, with thorough documentation and compliance checks
  • Regulatory oversight. Advocating for robust regulatory frameworks that require adherence to safety standards and proactive risk management strategies
  • Cultural change. Fostering a safety-first culture within organizations that prioritize safety above operational pressures

We can see in these two recent incidents that, as with the case of the Herald of Free Enterprise, a systems approach enables a comprehensive understanding of the complexities involved in maritime operations, leading to better prevention measures and enhanced safety outcomes in the passenger vessel industry.

Other examples

Over the years, the NTSB has investigated numerous accidents involving passenger vessels. A few notable examples follow:

  • Estonia. Although this accident occurred in European waters, its implications affected international passenger shipping, including practices adopted in the United States. The Estonia sank in the Baltic Sea in 1994, resulting in the deaths of 852 people. The investigation revealed that the key issues were related to vessel design, including hull integrity and cargo securing. This incident led to enhanced safety regulations regarding passenger vessel construction and operational safety protocols.
  • Andrew J. McHugh. This collision involving the ferry Andrew J. McHugh and another vessel occurred in the narrow Houston Ship Channel, leading to the deaths of 17 passengers in 1980. The key factors included poor visibility, navigational errors, and inadequate communication between vessels. Subsequent recommendations from the NTSB aimed at improving navigational practices and vessel traffic control in critical areas.
  • Benson. The Benson, a tour boat in New York, capsized during a sudden storm. A total of 10 people died in this 2000 incident. The investigation pointed out questionable weather assessment practices and inadequate safety measures for handling sudden weather changes. The NTSB recommended better training for crew members regarding weather evaluation and emergency response.
  • Dawn Princess. A fire aboard this cruise ship in the South Pacific led to emergency evacuations in 2003. Although there were no fatalities, more than 150 passengers were affected. The fire was linked to flaws in electrical systems. The NTSB emphasized improved fire safety systems and crew training on firefighting and evacuation protocols.
  • Emotion. This fishing vessel capsized near Alaska in 2010, resulting in several fatalities. The investigation pointed out structural problems and issues with the vessel’s stability while loaded. Recommendations focused on vessel stability assessments and the importance of adherence to safety regulations during fishing operations.
  • Explorer. In 2007, the Explorer ran aground off the coast of the Antarctic Peninsula, leading to evacuations. All passengers were saved, but the incident raised alarms about navigational practices and inappropriate response to weather changes. The NTSB highlighted the need for enhanced navigational training and real-time communication.

For each of these incidents, a systems approach would involve comprehensive training programs for crew related to emergency preparedness, rigorous maintenance and operational checks, research and implementation of advanced technologies for navigation and safety, and collaboration among regulatory bodies to create uniform safety standards that encompass all aspects of vessel operation. These historical examples underscore the importance of a proactive stance on maritime safety, highlighting that every component of the system must work together to prevent accidents and improve safety outcomes in the passenger vessel industry.

A poor approach that fails to be proactive can significantly contribute to accidents such as these. When risks are not systematically identified and appreciated, several detrimental consequences can arise. Without a systematic approach to risk assessment, potential hazards may go unnoticed, increasing the likelihood of incidents. Vessels may not be adequately equipped to handle specific risks, such as extreme weather or equipment failures. There is a requirement for safety protocols, adequate training, and improvement of communications.

On the other hand, a reactive approach undermines effective communication within the organization and between vessels. Without established systems for reporting and discussing risks, lessons learned from previous incidents may be ignored.

The other factors are regulatory compliance lapses. In the absence of a proactive culture, vessels may not adhere to regulatory requirements consistently or may develop a compliance mindset that prioritizes minimum standards over comprehensive safety practices. Neglecting lessons learned from past incidents is another flaw. A failure to learn from past accidents can lead to repetitive mistakes. If organizations do not analyze historical incidents and implement changes based on those insights, they risk encountering similar situations again and again.

In the second part of this article, we will discuss the importance of using the Plan-Do-Check-Act cycle in embracing a safety management system.

To read Part 2 of the article – Click here

Note – The above article was recently published in an Exemplar Global publication – ‘The Auditor’

Click here to read the article.

What Is Risk-Based Thinking in ISO Standards?

Over the past two decades of working closely with clients in both the manufacturing and service sectors, I’ve witnessed firsthand the transformation that occurs when organizations stop treating compliance as a checklist exercise and start thinking in terms of risk and opportunity. With the 2015 revisions to many ISO standards, particularly ISO 9001, we saw a deliberate shift away from siloed “preventive actions” toward an integrated, strategic approach known as Risk-Based Thinking (RBT). 

This wasn’t just a semantic change. It marked a cultural evolution, an acknowledgment that uncertainty is inherent in every business process, and that success belongs to those who plan for it, not those who simply react to it. RBT has empowered organizations to navigate complexity with greater confidence, embedding foresight into their planning and decision-making at all levels. 

In this article, I’ll draw from real-world consulting experiences across diverse industries to demystify Risk-Based Thinking. We’ll explore what it really means, why it matters, how it supports proactive leadership, and what tools you can use to bring it to life within your own management system. Whether you’re guiding a mature enterprise or a fast-scaling startup, the principles of RBT are not only practical, but they’re also essential.

What Is Risk-Based Thinking (RBT)?

Risk-Based Thinking (RBT) is the proactive approach embedded in ISO standards like ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018. Rather than treating risk as a separate component, RBT integrates it into every facet of an organization’s management system. This shift moves organizations from a reactive stance to a proactive culture, where potential issues are anticipated and addressed before they escalate. 

In my consulting journey, I’ve observed that organizations embracing RBT don’t just prevent problems, they identify opportunities for improvement and innovation. For instance, a manufacturing client leveraged RBT to streamline their supply chain, resulting in reduced lead times and increased customer satisfaction.

How Risk-Based Thinking Supports Proactive Decision-Making:

  • Identifying Potential Risks and Opportunities: By assessing both internal and external factors, organizations can foresee strategic and operational challenges and capitalize on opportunities. 
  • Integrating Risk Assessment into Planning: This ensures that objectives are achievable, and resources are allocated effectively. 
  • Enhancing Stakeholder Confidence: Demonstrating a proactive approach to risk management builds trust among customers, suppliers, and regulators.

A service industry client I worked with implemented RBT in their project management processes. This led to improved project delivery times and a significant reduction in unforeseen issues.

Key Objectives of Risk-Based Thinking:

The primary goals of RBT include: 

  • Enhancing Organizational Resilience: By anticipating potential disruptions, organizations can develop contingency plans. 
  • Promoting Continuous Improvement: Regular risk assessments lead to ongoing enhancements in processes and systems. 
  • Aligning Risk Management with Strategic Objectives: Ensuring that risk considerations are integral to achieving business goals. Read clause 6.1 connected to clause 4.1 and 4.1 per ISO harmonized structure. 
  • Fostering a Culture of Risk Awareness: Encouraging employees at all levels to consider risk in their daily activities. Clause 7.3 drives awareness to employees on how they can contribute to the system.

Practical Application of Risk-Based Thinking:

Implementing RBT involves: 

  1. Contextual Analysis: Understanding the organization’s internal and external environment. 
  2. Risk Identification: Recognizing potential events that could impact objectives. 
  3. Risk Assessment: Evaluating the likelihood and impact of identified risks. 
  4. Risk Treatment: Determining appropriate actions to mitigate or capitalize on risks. 
  5. Monitoring and Review: Continuously tracking risk factors and adjusting strategies accordingly.

Comparison: Preventive Action (Old) vs. RBT (New):

Previously, ISO standards emphasized preventive actions as separate clauses. However, this often led to a checkbox mentality, where organizations implemented measures without truly integrating them into their processes. 

With RBT: 

  • Integration: Risk considerations are embedded throughout the management system. 
  • Proactivity: Organizations anticipate and address potential issues before they occur. 
  • Flexibility: RBT allows for tailored approaches based on the organization’s specific context. 

This evolution encourages a more dynamic and effective approach to risk management. 

Tools & Techniques to Support Risk-Based Thinking:

1. SWOT Analysis (Strengths, Weaknesses, Opportunities, Threats) 

Use: SWOT analysis helps organizations evaluate their internal strengths and weaknesses, alongside external opportunities and threats. It’s particularly useful during strategic planning sessions or when entering new markets or launching new products. 

When to Use: Early in the business planning process or during the review of the organization’s context. 

Clause Alignment: ISO 9001:2015 – Clause 4.1 (Understanding the organization and its context) and Clause 6.1 (Actions to address risks and opportunities). This tool ensures that strategy and quality objectives are grounded in a realistic assessment of the internal and external environment. 

2. Failure Mode and Effects Analysis (FMEA) 

Use: FMEA systematically evaluates potential failure points in a product, process, or system and ranks them by severity, occurrence, and detection. It’s widely used in manufacturing, healthcare, and aerospace sectors. 

When to Use: During product design, process development, or when implementing changes that could introduce new risks. 

Clause Alignment: ISO 9001:2015 – Clause 8.3 (Design and development of products and services) and Clause 6.1 and 8.1. It supports risk-based planning and preventive strategies by analyzing “what could go wrong” and mitigating those risks before implementation. 

3. Risk Registers 

Use: A risk register is a living document that captures identified risks, assesses their likelihood and impact, and outlines mitigation actions and responsible parties. It provides transparency and traceability for risk management activities. 

When to Use: Continuously throughout project lifecycles or operational management, especially in industries like construction, logistics, or IT. 

Clause Alignment: ISO 9001:2015 – Clause 6.1 and Clause 9.1 (Monitoring, measurement, analysis and evaluation). It helps document ongoing risk review processes and links actions to strategic and operational plans. While not a requirement it is beneficial. 

4. Root Cause Analysis (RCA) 

Use: RCA investigates underlying causes of nonconformities, defects, or failures to prevent recurrence rather than just treating symptoms. It’s a staple in corrective action processes. 

When to Use: After incidents, near misses, or nonconformities—often triggered by audit findings or customer complaints. 

Clause Alignment: ISO 9001:2015 – Clause 10.2 (Nonconformity and corrective action). It supports continual improvement by ensuring lessons are learned and corrective actions address the source of problems. 

5. ISO/IEC 31010 – Risk Assessment Techniques 

Use: This standard outlines a variety of risk assessment tools including brainstorming, checklists, fault tree analysis, and bowtie analysis. It offers structured approaches tailored to industry-specific needs. 

When to Use: Depending on organizational maturity, criticality of operations, or regulatory environment. 

Clause Alignment: Supports ISO 9001:2015 – Clause 6.1, as well as clauses in ISO 14001 and ISO 45001 related to risk and opportunity planning. This framework provides flexibility for choosing appropriate methods suited to specific organizational risks. 

These tools, when chosen and applied correctly, don’t just satisfy audit checklists, they cultivate a culture of resilience and foresight. Over the years, I’ve seen organizations evolve by not just using these techniques mechanically, but integrating them into daily decision-making, making risk-based thinking a true operational philosophy rather than a compliance exercise. 

Understanding ISM Code Compliance for Maritime Operators

ISM

Having spent over 15 years in the maritime and compliance world, and a further decade working with various international Flag Administrations, I’ve seen firsthand the shift from traditional shipping operations to a more safety- and systems-driven industry. One of the major forces behind that transformation? The International Safety Management (ISM) Code. For maritime operators today, ISM Code compliance isn’t just about ticking boxes, it’s about embedding a culture of safety, responsibility, and continual improvement into every layer of their operation.

What is the ISM Code?

There is a saying that regulations are written in blood. The ISM Code was born out of hard lessons learned from major marine accidents. The major event that acted as a catalyst in its development was the MV Hearld of Free Enterprise. Introduced by the International Maritime Organization (IMO) under the SOLAS convention, the code mandates that every shipping company operating SOLAS compliant vessels implement a Safety Management System (SMS), a system that governs practices for the safe operation of ships and prevention of marine pollution.

I remember when the ISM Code first rolled out in the ’90s. Many shipowners were skeptical, and some even resistant. Back then, I was sailing with a company who was navigating the early implementation. The real challenge was shifting the mindset, from reactive firefighting to proactive risk management. From a documentation exercise to a shift in the way operations were done. That’s where I learned: policies are easy to write, but real compliance starts with people.

Why ISM Code Compliance Matters More Than Ever

Today, ISM Code compliance is not optional—it’s foundational. For operators navigating increasingly complex global regulations, it offers several key benefits:

  • Safety First: The SMS serves as a blueprint for safe operations at sea. I’ve seen it reduce incidents dramatically when implemented properly.
  • Environmental Responsibility: With public scrutiny and environmental regulations tightening, having structured pollution control measures is non-negotiable.
  • Credibility & Trust: In one of my past sailing tenures with a major operator, ISM compliance helped secure long-term contracts with charterers. Clients want to work with companies that can prove they’re managing risks responsibly.
  • Operational Clarity: When roles, responsibilities, and procedures are clearly outlined, decision-making becomes faster and more consistent.

The Core Objectives of the ISM Code

The ISM Code objectives listed in clause 1.2 remain as relevant now as when the code was first introduced. Clause 1.2 is about outcomes, not just documents. It’s about creating a system that actually prevents harm, not just reacts to it.

For me, ISM Code compliance under Clause 1.2 isn’t just about passing an audit, it’s about building a culture where every person onboard understands their role in safeguarding lives, the vessel, and the environment. It requires integrating risk assessments into planning, ensuring safe working practices, maintaining the ship properly, and always being prepared for emergencies.

I always emphasize these objectives when training ship and shore staff. It’s not about overwhelming them with paperwork, it’s about aligning them with a purpose. The code provides the structure; we provide the commitment.

Key Elements of ISM Code Compliance

A fully compliant SMS includes:

  • Safety and Environmental Protection Policy
  • Defined Roles and Responsibilities
  • Safe Operating Procedures
  • Emergency Preparedness
  • Reporting and Analysis of Incidents
  • Internal Audits and Continuous Improvement

One of the best implementations I facilitated was for a regional bulk carrier. We not only developed the vessel SMS but aligned office procedures, and built an SMS that didn’t just sit in a manual, it lived on the bridge, in the boardroom and in the daily practices of personnel.

The Compliance Process for Maritime Operators

Getting compliant involves more than a checklist. Here’s a simplified roadmap:

  1. Gap Analysis – Review what you already do and what the code expects. Does it reflect the operational reality or is it a fictional system?
  2. SMS Development/Update – Build or refine your safety management system. Comprehensive reviews when done after many years can lead to a reduction in documentation by over 20 percent.
  3. Training & Awareness – Everyone onboard and ashore must know their part. How do they contribute to the effectiveness of the system.
  4. Certification – Obtain the Document of Compliance (DOC) and Safety Management Certificate (SMC) through audits.
  5. Ongoing Monitoring – Regular internal audits and management reviews keep the system alive and evolving.

Common Challenges in ISM Code Compliance

Let’s be real, compliance has its hurdles:

  • Top-down Disconnect: Without leadership buy-in, the SMS becomes a box-ticking exercise.
  • Crew Resistance: “We’ve always done it this way” is a common attitude.
  • Training Gaps: If your crew doesn’t understand the ‘why’ behind procedures, they won’t follow them.
  • Audit Fatigue: Poor recordkeeping and rushed preparation can derail audits.

My advice? Keep it simple. Make procedures practical, not bureaucratic. Involve the crew in developing routines. That’s how you make compliance sustainable.

The Future of ISM Code Compliance and Technology’s Role

The maritime industry is changing fast. Digital tools are making compliance easier and smarter:

  • Cloud-based SMS systems offer real-time updates and reduce paperwork.
  • Remote audits became mainstream during the pandemic—and they’re here to stay. Where a full remote audit is not feasible consider hybrid audits.
  • Data analytics can identify patterns in incidents and help prevent them.
  • Mobile apps for onboard reporting are empowering seafarers to be active players in the compliance process.

Look at mistake proofing of the system. So even if a human wanted to make an error the system would prevent it.

In Conclusion, ISM Code compliance isn’t just about certificates. It’s about creating a safety culture that protects your people, your assets, and the environment. For maritime operators willing to invest the effort, the returns in safety, efficiency, and reputation are well worth it.

If you’re a maritime operator looking to simplify or strengthen your ISM safety management system, I’m happy to share more from my experiences. As someone who’s walked ship decks, sat in boardrooms, worked with Flag Administrations and led audits, I believe that compliance done right isn’t a burden—it’s a competitive advantage.

Internal vs External Audits: What Every Business Owner Should Know

The Strategic Importance of Audits for Business Owners

Audits are more than compliance checks; they are strategic tools that provide insights into performance, risk, and improvement opportunities. Engaged business leaders use audit results to drive better decision-making and long-term success. When conducting well, they provide leadership insights into where they may have to re-prioritize or allocate resources, where policies may be in conflict, what may be working well and where the system needs their leadership intervention.

What Are Internal and External Audits?

Internal Audits: Performed by or for the organization to check its own processes. These may be process audits or full system audits.

External Audits: These could be supplier audits (second party) or certification regulatory audits (third party). Third party audits are conducted by a third-party or certification body to verify compliance with standards.

Internal and external audits differ in breadth and depth of the audit based on scope and objective.

Why External Audits Should Be Taken Seriously?

External audits affect certification, reputation, and client confidence. A successful external audit demonstrates credibility and reliability.

Tip: Be prepared, be honest, and see auditors as partners in your improvement journey.

How to Prepare for Both Audits?

  • Keep documentation current
  • Review and close previous findings
  • Train staff on audit processes
  • Conduct mock audits
  • Engage leadership in the audit process

Conclusion:

ISO audit and their findings are not to be feared. They are valuable tools for identifying weaknesses and driving continuous improvement. With the right mindset and preparation, audits can move beyond mere compliance and become a core part of your strategic growth. Organizations that stay audit-ready show that they are not only compliant but also committed to excellence.

Human Error or a Bigger Problem? When to Dig Deeper

by Julius DeSilva

In the world of process improvement and problem-solving, human “user” error can often become the go-to explanation when things go wrong. A mis-entered data point, a forgotten step in a procedure, or a misconfigured setting—blaming the user is quick and easy. But how do you know when an issue is bigger than just user error?

Understanding when to dig deeper and identify systemic flaws is critical. By integrating structured approaches like Root Cause Analysis (RCA) and the PDCA (Plan-Do-Check-Act) cycle, organizations can shift from a reactive blame culture to a proactive, continual improvement mindset that eliminates recurring problems at their source.

The Prevalence of User Error in Different Industries

Human error has been identified as a significant contributor to operational failures across multiple sectors:

  • Cybersecurity: According to the World Economic Forum, 95% of cybersecurity breaches result from human error.
  • Manufacturing: A study by Vanson Bourne found that 23% of unplanned downtime in manufacturing is due to human error, making it a key contributor to production inefficiencies. The American Society for Quality (ASQ) reports that 33% of quality-related problems in manufacturing are due to human error.
  • Healthcare: The British Medical Journal (BMJ) estimates that medical errors—many due to human factors—cause approximately 250,000 deaths per year in the U.S. alone.
  • Aviation & Transportation: The Federal Aviation Administration (FAA) attributes 70-80% of aircraft incidents to human error, but deeper analysis often reveals process design issues, poor training, or missing safeguards.

These statistics reinforce a key point: Human error isn’t always the root cause—it’s often a symptom of a deeper, systemic issue.

Recognizing When to Look Beyond User Error

Here’s how to tell when an issue isn’t just a one-time mistake but a signal that the system itself needs improvement:

  1. Recurring Issues Across Multiple Users – If multiple employees are making the same mistake, the problem likely isn’t individual human error—it’s a flaw in the process, system design, or training. For example, if multiple operators incorrectly configure a machine setting, it might indicate confusing controls, inadequate training, or unclear documentation rather than simple user mistakes.
  2. Workarounds and Process Deviations – If employees consistently find alternative ways to complete a task, the system may not be designed for real-world conditions. If workers routinely bypass a safety feature because it “slows them down,” the process needs reevaluation; either through retraining, redesign, or better automation. At QMII, we always reinforce building a system for the users, built on the as-is of how work is done and then making incremental improvements.
  3. High Error Rates Despite Training – If errors persist even after proper training, the issue might be process complexity, unclear instructions, or a lack of intuitive system design. If employees consistently make minor mistakes, the system interface or workflow rules might need simplification rather than just retraining staff.
  4. Error Spikes in High-Stress Situations – Mistakes often increase under time pressure, fatigue, or stress. This suggests a workload or process issue rather than simple carelessness. In a maritime environment, high error rates during critical operations could signal staffing shortages, inefficient safety interlocks, or poor user interfaces on devices.

Instead of just fixing errors after they happen, organizations should use the PDCA (Plan-Do-Check-Act) cycle to continually improve processes and reduce the probability of recurring failures.

The PLAN-DO-CHECK-ACT Approach

PLAN – Identify the context and potential risks

  1. Identify the context of the process including the competence of personnel, user environment, complexity and influencing factors.
  2. Apply Failure Mode and Effects Analysis (FMEA) to predict where failures are likely to happen before they occur.
  3. Identify and involve representatives of users through the development of FMEAs and the process.
  4. When predicting controls and resources, determine the feasibility of implementing and providing them.
  5. Simplify procedures, redesign workflows, or introduce automation to eliminate failure points.

DO – Implement the Process and Improvements

  1. Implement the process and test it to check its effectiveness. In the initial stages more frequent monitoring and measurement will be required. The periodicity between checks can be reduced as the process matures.
  2. Provide user training and assess its effectiveness. When errors occur retrain personnel, but only if training is truly the issue—don’t use training as a Band-Aid for bad system design.
  3. Look beyond documented “standard-operating” procedures. As an example: The company implements a visual step-by-step guide near machines to ensure operators follow a standard calibration process.

CHECK – Evaluate the Results

  1. Track performance data to see if the changes have reduced errors.
  2. Get user feedback to ensure the new system is intuitive and efficient. For example, Error rates drop by 40%, but operators still struggle with a specific step—prompting another refinement.

ACT – Standardize & Scale

  1. If the improvement is successful, integrate it as the new standard process.
  2. Scale the change across other departments or sites where similar issues might exist. For example, the company implements the same calibration guide and training approach across all locations, preventing similar errors company-wide.

Conclusion: From Blame to Solutions

While human error is a reality, it’s often a symptom of a deeper process flaw, not the root cause. Those involved in conducting a root cause analysis process or investigation process, must ask “How did the system fail the individual” and “Why did the system fail the individual”. By shifting from a blame mindset to a continual improvement approach, organizations can:

  • Reduce costly errors and downtime
  • Improve employee engagement (less frustration = higher productivity)
  • Enhance conformity and compliance
  • Increase process reliability and efficiency

Monitoring the system will continue for as the context changes the controls implemented may not be as effective as before. A proactive system will not guarantee that things never go wrong. When they do, however, the key is to dig deeper. Using tools like PDCA, FMEA, and RCA will help in identifying long-term solutions to recurring problems. Because in most cases, fixing the system is better than blaming the human.