Qooling » Blog Archives

Author Archives: nickappel

Quality in Your Business Strategy

The position of Quality in the overall company strategy isn’t always clear. Yes, most companies claim that quality is their number one priority. This makes sense, as you can only deliver real value if you provide quality products and services. However, how this strategy is translated into the operation isn’t always clear. More often than not, it isn’t incorporated in the organization at all. Last week we talked with a couple of CEOs about how they try to accomplish this and what actions they take. We briefly touch upon the highlights of these discussions.

Empower Quality

Most companies we talked to have an internal quality department. The CEOs pointed out that in order to make quality deeply embedded in the organization, they need to change the role of the quality department. They want the quality department to support the operational departments with embedding quality within the processes. This way, it becomes part of the core processes and not a stand-alone thing. The CEOs also pointed out that it won’t be an easy transition, but it is crucial for the organization in order to execute the strategy. To accomplish this, they gave quality a seat at the table and involved it more in the strategic direction of the company.

Special Improvement Projects

Some of the organizations actually started some special projects to bring quality to the next level. One was a cross-department improvement board. Instead of keeping this main role with Quality, this particular organization made it a collaborative effort among different departments. It wasn’t always easy to coordinate, but it definitely changes the role of Quality within the organization. By bringing the knowledge of the departments together, they got a different point of view for these improvements, which led to some amazing solutions. There were a couple of points they learned during this process. The first is trying to include most opinions. When an organization starts something like this, there will always be certain people eager to help out, which is great. However, sometimes it makes a lot of sense to also hear people that might not be so vocal. It’s a good idea to change the configuration of the people that join the meetings or invite these people occasionally. The second point was about the follow-up. In the beginning, it is very important to keep momentum in these projects to make sure that everybody stays motivated. When momentum slows, certain people might tune out. And lastly was the support from upper management. It is very important that top management joins these meetings every now and then to support the project and show involvement.

Quality as a Department

Another great approach these companies clearly pointed out was the way they positioned quality within the organization. Quality was more like an internal audit and improvement department instead of a department that has to deal with the certificates. This way, quality really focuses on improvement and helping the business get to the next level. Another great result is that the organization is almost constantly ready to be audited by customers or certifying bodies.  

Changing an organization into this paradigm isn’t easy and will take time, but in the end, it will be good for the company. 

Published by:

ISO27001 Certified to become a Supplier

More and more companies and governments have started to require suppliers to be ISO27001 certified. This can be a great push for more data security awareness, but there are downsides to it as well. As an organization, always ask yourself the question of what you want to accomplish before you come up with such a requirement. It might not always lead to the desired result, and could mainly affect costs.

Positive Effect

Being an online platform ourselves, data security is in every fiber of our organization. We take all kinds of measures to secure the data we process for our customers. As more and more companies are starting to make ISO27001 certification part of the vendor assessment, the interest in this standard starts to grow. The vendors will need to take a number of measures to secure the data they process. This will improve the awareness of data protection and will also make people more aware of how to do this properly. Another great benefit is that these companies will become more aware of all the information they process, and what the implications can be when something goes wrong. Thanks to this, these companies will take data protection much more seriously. Hence, somehow making data protecting part of the vetting process of suppliers is a pretty good idea.


The downsides are mainly in the forced nature of this approach. In the same way as other certificates in the past, we introduce the risk of the ISO27001 certificate being just a box to check. When we reach this point, the ISMS will become just another yearly check a company needs to pass. This can seriously affect the status of the ISO27001 certificate of every organization globally. Furthermore, when more companies hold ISO27001 certificates without really taking it seriously, more of these companies will leak data. When more certified companies leak data, the value of the certificate will diminish significantly.


Yes, data protection is important in every market segment and should be taken seriously. However, making the ISO27001 certificate just a box to check during the vetting process could have some bad effects on the ISO27001 as a whole. Secondly, it will lead to a false sense of security because the fact that a company is certified doesn’t mean there is a real focus on data security. When the organization decides that ISO27001 becomes compulsory for vendors, always check the ISMS and not just the certificate.

Published by:

SHEQ Culture: From Push to Pull

We touched upon the SHEQ culture numerous times already, and we cannot stress the importance of it enough. Developing the right culture has a tremendous impact on how SHEQ is perceived within the company and how the company operates. This perception isn’t always good, but it can be switched around by using the right methodologies and solutions.

A great way to measure the perception is by identifying whether there is a Push and Pull approach from the SHEQ management point of view. Push basically means that the SHEQ department is pushing all day long to get employees moving. This is happening in a large number of companies and frustrates SHEQ managers a lot. They are the only force to move SHEQ activities forward. The Pull situation is where SHEQ is driven by the organization, the SHEQ department is primarily consultative and helping out when required. The SHEQ management is deeply integrated in the organization. This is the situation you want to reach eventually. To get to this, there are a couple of things that will help.

Keep It Simple

We all know the phrase, “Keep It Simple, Stupid”, originally introduced by the US Navy. This design principle is not only applicable to complex engineering projects but has huge advantages for SHEQ management as well. A significant number of management systems are too complex to be easily understood by employees. They need to search for documents or forms on servers or within a DMS, without much guidance.

Moving to a dedicated platform for SHEQ will already makes things much clearer, employees know now they need to go to the platform to find the required documents. The easier the management is built up to, the more the Pull will come from the organization because employees can find what they need. The SHEQ department doesn’t have to send the documents again and again and also doesn’t have to send reminders all the time.

Ease of Use

In order to further allow the organization to Pull the SHEQ management, it has to be very easy for employees to integrate with the SHEQ management system and incorporate it into their day-to-day work. When SHEQ activities don’t feel like a necessary evil, they will put a lot more effort without really realizing it. The activities are going so seamlessly while they provide significant information to the SHEQ department of improvement projects.

Within this situation, employees will come to the SHEQ department to get access to the tools required. When this point is reached, the SHEQ department will have a completely different role in the organization. The SHEQ activities should be incorporated into the day-to-day work to really reach this next level, but this can be done.

Providing the right tools to work with for the employees will make this a lot easier. Readily available information via a mobile app becomes a necessity for people to easily interact with the SHEQ management system. Make sure these things are in place for people to leverage.

Published by:

The Impact of Certification Bodies on Companies

After talks with hundreds of quality and safety managers, we saw a pattern emerge we weren’t really aware of. We started to notice that there is some kind of implicit impact certification bodies (CB) have on companies. This impact can be quite severe, and we don’t think all CB or external auditors are aware of this. It basically comes down to being afraid to change because of what the external auditor might think of it.


Implementing any kind of change in an organization is already hard to do. People have the natural ability to resist change with every fiber in their body. Finding a modus in which the company is willing to change can be quite challenging. You need very good reasons why this particular change moves the company forward. This is also where the continuous improvement in lots of the ISO standards gets challenging. They want the company to improve, and therefore change.

Impact of Certifying Body

Most external auditors have a great deal of impact on an organization, even though they are only there 3-5 days a year. They want companies to change or notice certain NCRs that need to be solved. This all can mean quite a workload for companies. Because the ISO certificate is a license to operate for many companies, they don’t really go against the auditor and simply implement what is required. This can lead to a non-functional management system because of so many different influences by all the external auditors. Even though this new management system isn’t really desired, some companies think it is the only way. The fact that the external auditors are able to force change is quite a good thing, even though we strongly believe you should never do something just for the auditor. Every change should always have value for the organization as well.

However, the external auditors also have a big negative impact on change, namely being afraid to change. Certain companies aren’t willing to change because they are afraid whether the external auditor accepts the new way of working. We get this question quite a lot ourselves, and luckily, have a big portfolio of companies to prove that the auditors are happy with it. The fact that these questions arise does show the big influence the certification body has on the choices the company makes, even though the external auditors are hardly there. Companies should be more willing to make their own decisions and be able to explain to the certification bodies why certain changes are made and that it is a net positive for the company.

Published by:

Transparency in QHSE Management

Transparency has a pretty broad spectrum and can mean different things to different people. Not necessarily the meaning of the word transparency, but more the level of transparency and when you are considered transparent and when not. Of course, certain information is on a “need to know” basis within an organization, and not everybody needs to know everything, not even the CEO. However, we do believe that having pretty high transparency will help an organization move forward and give a solid basis for continuous improvement.

We Do It Together

Continuous improvement is something the organization that needs as many people as possible to help with. This doesn’t mean that everybody needs to work on this all the time, but the input from every employee is valuable; hence, we need everybody. The people in the quality department or in the continuous improvement team can help with these topics. When it comes to continuous improvement, all information should be available to everyone so they can learn from each other and easily see what the organization tries to improve. This doesn’t mean it will succeed all the time but it is trying and showing the efforts the organization takes will increase the support from the employees. It also clearly shows a message that trying is good and with it comes the acceptance of failure. Sharing these experiences makes people feel more comfortable and at ease.

The Feedback

Feedback is a great way to engage the employees in the efforts. Showing what the organization does and how it is done will give people an insight in why choices are made. No, you don’t need to open all the notes of every meeting if you don’t feel comfortable doing this, but it is important to just share the key inputs and outputs. Also, an explanation of the reasoning why certain decisions are made will help a lot. It isn’t required to have formal meetings for this. The information can be documented in a platform and people can be updated automatically. However, the results with a big impact should be communicated properly and celebrated. This can be done with in person meetings or, in the light of COVID-19, via any preferred video conferencing tool.

Level of Transparency

The cutoff line of which information should or shouldn’t be open can be quite a tricky one. Some companies are completely transparent and even show the salaries of every employee on a wall, while at other places, almost all information is protected. Setting the levels of information access should always be in line with the company policy and culture. However, we do believe that an organization should be a little more open than what it is comfortable with. Just trust the employees and let them find the information. This isn’t always easy but will help a lot in the future and with slowly changing the culture for the better.

Published by:

Lets Talk about Stakeholders

Ever since the introduction of the HLS (High Level Structure) in several ISO standards, the stakeholder analysis has a more prominent role in most Management Systems. This is a good thing if you ask us. However, most companies have been able to list and somehow categorize their stakeholders, but they are having a hard time managing them. Don’t get me wrong, managing stakeholders isn’t easy and requires a lot of effort. We ourselves can do a better job on this aspect every now and then.

Identifying Stakeholders

This is the most straightforward and easy exercise of managing stakeholders. Every company is capable of identifying their stakeholders and the impact every stakeholder has on the organization. Most analysis show a breakdown that look something like this:

  • Name of stakeholder
  • Impact on the organization
  • Level of influence
  • How to manage the stakeholder

It is not a hard science, but most of the assessments of the stakeholders hold some information like this.

Managing Stakeholders

After the identification of the stakeholders, they need to be managed, which is the hardest task. Every company manages their most important stakeholders with care, their customers. Yes, things go wrong here as well, but most processes in the organization are built to make customers happy. Hence, this stakeholder is managed pretty significantly. Then, the employees are well taken care of in most companies, bad actors aside. Without the employees, there is no company, so they need to be taken care of as well. Then we have the suppliers, these are well taken care of because a significant part the company depends on them, especially the critical suppliers.

In essence, most stakeholders are well informed when they are part of a process and when things are going as planned. It is when something doesn’t go according to plan that things start to break. We experience this over and over again, not just with our suppliers, but also within our company. This isn’t really a bad thing, as long as you are aware of the fact that you dropped the ball and this is where things are going wrong. When you point out that you haven’t been well informed, you see that people start to point to processes or systems. But like I mentioned before, the problem is that things didn’t go as planned, hence the missing information. Just make sure there is some kind of feedback loop in the organization to identify such situations and update the stakeholder analysis.


The stakeholder analysis is a great tool and helps lots of companies. The problem with it is that most companies only look at the situation when everything goes according to plan, which it doesn’t all the time. Make sure you have some kind of way to handle these situations as well to manage the stakeholders even better.

Published by:

Compliance is a Moving Target

Last week we had a great talk with an esteemed consultant about compliance and how to go about it. He had quite a nice way of approaching it. It was during this call he dropped the phrase:

“Compliance is a moving target”

This made me think about being compliant and how it changes all the time. It actually is a moving target, and that’s what makes working in compliance such an exciting job.

Everything Changes

Within the environment of a business, changes happen all the time, new employees enter, employees leave, laws change, standards change, customers demand change, and so on. Every change has an impact on the compliance of a company and can definitely be seen as a moving target. It would be a utopian vision to think you as a company is 100% compliant—it is mostly based on best efforts and, sometimes, interpretations. Hence, stating that a company is compliant simply because it passed an audit doesn’t make lots of sense, although it is common to do this. There are always changes that have an influence on the level of compliance. When a law changes, the organization needs to adopt this change. When a new employee enters, they need to be trained how to work properly. 

The Fun Part

Because compliance is a moving target, it comes with so many challenges. This is for most people working in compliance what makes the job exciting. Changes are required, and support by the employees is a necessity. This balancing act between the hard requirements and the human touch is what makes working in compliance so great. Chasing that moving target and getting as close as possible to being 100% compliant is the goal and is something compliance managers don’t do on their own. Compliance is most definitely a team sport and something that is done with every single person in the company. This isn’t always easy because not everyone is as excited about compliance management as we are, but they all have the power to break the compliance chain, with ease.


Even as a compliance platform, we don’t believe that buying a compliance platform makes you fully compliant. Technology is there to support not lead. All the rules and regulations, laws and standards are man-made and, therefore, can be pretty fuzzy. Because of that, people need to interpret them in order to place it in the right context. Technology isn’t in the same league as humans when it comes to this. You need to be involved in the compliance processes as a human for quite some time. Which is great because it is a great job to do.

Published by:

The Standard Shouldn’t be your starting point

The several different ISO standards can be great guidance when adding structure to an organization. However, the standard shouldn’t be the starting point for an organization when setting up any kind of management system. When you want to create a QMS it is important to start with the core processes of the organisation and especially the ones that have a direct impact on the quality of the product and services the company provides. A significant number of processes that are required for certification are new anyway such as having some kind auditing process. This approach will have little impact because they should reflect how they do their job already. However, do explain why the processes are formalized and that they should be followed. 

Written in Stone

Procedures and processes are not written in stone. Still the mentality within quite some companies is that they have to do it for ISO. A company doesn’t have to do anything for ISO, except for the couple documents that are required by the standard. In essence the standard wants the organisation to work according to how it is documented or formalized by the organization. When ways or working are somehow agreed within the organisation everybody should work accordingly, when people don’t a NC will be noted during an external audit. In essence the company just needs to do what is agreed upon and when it doesn’t it can simply change the procedure. 

Added value

The added value certification for the organisation diminishes rapidly when the feeling is that everything is done for ISO. Employees get the feeling that actions are taken for ISO instead of for the benefit of the organisation. When this is the paradigm in an organisation it is very hard to get it out of the culture and change the mindset of the people. Try to avoid it from the start and always start with showing the added value to the organisation regardless if ISO requires it or not. 

The added value of the different standards are evident in that they can help organisations to structurize and formalize their processes which can be great. The structidized way of working should always have a consistent quality and safety way of working in mind. When this is clearly communicated to the people in the organisation they will see this value. Always keep the added value in mind when you are going for formal certification on the management system.


The most important part in setting up a management system is communication. With good communication you will have support from every level in the organisation which will obviously help. Also when people are involved in the processes they will have some kind of

Published by:

Working from home Ergonomically

Most of us have been working from home for several weeks now. While working from home a couple of days here and there is fine for most of us, we now run into an odd situation that we really need to think about having a proper workplace while working from home. Still, a number of people are working either on the kitchen table or on some sort of desk. While this is the case, most companies have strict policies when it comes to deskwork, especially on the ergonomics aspects of the job. We need adjustable tables, adjustable chairs and adjustable screens. This all to make the job less demanding for the body. However, while working from home, we don’t always have all these tools at our disposal for working ergonomically.

Description: image1.jpg
Correct sitting at desk posture ergonomics: office worker using a computer and improving his posture

The Table

Most of us are working either on the kitchen table or on a non-adjustable desk. We can debate about why we should work on these types of tables, but most people don’t have room to create a proper home office. However, when you work from home, try to find a way to adjust the height of the table. You can put some wood or books underneath the table legs to change the height of the table. Again, it’s not ideal, but we need to work with what we have.

The Chair

This one is much trickier, especially when the chair is non-adjustable. At least find a position, which relaxes the body somehow. Also try to use a pillow to support your back when you sit in the chair. Unlike the table, it is much easier to buy an adjustable chair. They don’t take up lots of space and will help a lot to sit comfortably and prevent back pains.

The Monitor

The height of your screen is important to prevent neck pain. Looking straight at your screen makes sure you have a good position for your neck. You can either buy an adjustable screen or simply use a book to levitate the screen. Try to come as close as possible to the configuration above.

The Accessories

This is probably the most neglected part of working from home. Most people work on a laptop and simply use the trackpad and keyboard that comes with the laptop. A separate mouse and keyboard allows much more degrees of freedom, because you can configure it yourself. The keyboard and trackpad are fine for working an hour or so, but not to work on them hours on end.

Also a lot of people are used to working with a second screen. Just use your old laptop or an old desktop screen to work with a double screen or maybe buy a new one. Because this working from home could take a while and maybe you like it so much, that in the future you work one or two days at home instead of in the office. Some of our employees are more productive back at home, because there are no distractions from colleagues. Just think about it, how is working from home working for you?

In the end it is important to have a proper workplace at home, which gives the least possible physical problems. We need our body for the rest of our lives, so just make sure you treat it accordingly.

Published by:

Working from home as a Safety Manager

This pandemic of course has a big impact on your job as a safety officer. Normally, you are mainly outside or in the production plant to check up on the safety culture in the company. It is important to be among the people in the company and observe their safety awareness. These observations are crucial to improve the safety culture of the organization. Over the last week, this has reduced significantly but the workload probably spiked the first week. Now, you need to find a way to maintain the safety of the workers somehow remotely.

First Line Action

The COVID19 most likely created a big spike in the workload the first couple of weeks. Policies were probably not in place for these circumstances and therefore needed to be created in record time. Most companies have never considered this scenario and this being a health-oriented “Black Swan” risk, you as the safety manager were involved heavily. All procedures and policies need to be in place to make sure people have guidance in these times. Also, the work instructions need to be updated and added to comply with new laws and regulations.

Working From Home

The new norm forces most people to work from home. Of course, you can probably be on site every now and then, but the feeling with the employees in production reduces due to the distance. Despite you not being there, the safety risks didn’t reduce, they might even become bigger due to changes in the way people work. Working with less people on the same square meter can increase the safety risks. On the other hand, from home you can upgrade work instructions, procedures, processes and policies. The lack of colleagues will reduce the number of distractions and allows for better focus, of course, only if you don’t have small children.


Being able to delegate some of the safety activities is key in this because you cannot be on site. The right technology can help a lot here. The shift manager or other team leaders can do the necessary safety walks, which gives you important information to check on the safety culture. When people on site perform these checks, you get at least an idea about what is going on. Yes, you will be missing some key parts, but together with the couple of days you are on site you should be able to have some sort of feeling.


One other great thing you can do in this period is creating a great training session. Using the right platform, you can send the training session to the employees to make sure that safety stays on top of their mind. This also allows you to utilize the information from the safety checks and incorporate that information directly into such a training. Besides the awareness training, you can always simply upgrade to new employee training sessions or the general safety training.

Published by: