About UsConsultingTrainingResourcesPMP Home


ISO 10006: Risky Business
Roger Pither 
William R. Duncan 

ISO 10006, Quality management — Guidelines to quality in project management, claims to provide "guidance on quality system elements, concepts and practices for which the implementation is important to, and has an impact on, the achievement of quality in project management." In our opinion, application of this document is more likely to have the opposite effect: if attention is given to the items identified in the standard at the expense of others critical to project management, the result could very well be a poorly managed and unnecessarily costly project that is compliant with the standard.

Strong words, perhaps, but let us look at some of guidance the standard provides, and you can draw your own conclusion.

First of all, ISO 10006 does seem to cover the right subjects — scope, cost, time, risk, and so on. In fact, it identifies virtually the same set of project management processes and knowledge areas as A Guide to the Project Management Body of Knowledge. Not much of a surprise since the ISO committee used a draft of that document as a key input during the development of their document. There are, however, some notable omissions:

  • There are no quality management processes. By failing to include the quality management processes, ISO 10006 implies that these critical processes are outside the scope of project management. How does one ensure quality without quality management?

  • There is no project execution process. Lots of planning processes, lots of controlling processes, but no place to actually do the work of the project. This omission regrettably reinforces the notion that project management is limited to planning and controlling.

  • ISO 10006 limits its discussion of scope to developing "a description of the project product." In doing so, it minimizes the importance of project scope, of defining the work of the project. Hardly a recipe for quality in project management.
Second, the document says that it is "not a guide to project management itself," yet the level of detail provided and the phraseology used in most clauses and subclauses runs counter to this stated intent. There is much use of prescriptive terms such as "action should be taken," decisions should be "formally documented," "special attention should be given to," or "particular attention should be given to." This language creates a false impression of priorities for successful project management and raises the risk of misuse of the standard.

Third, the standard recognizes that project phases and project life cycles exist, but it provides no guidance on how the identified project processes relate to project phases. Some of the ISO 10006 processes will occur only in some phases. Unfortunately, the standard fails to identify which processes these are. This inconsistency is likely to reduce quality in project management if project organizations attempt to implement processes in phases where they donít belong.

Fourth, there are a number of statements that provide incomplete or poorly conceived guidance. These errors were documented as part of the ISO review process, but ISO failed to address them in the final version. The items below are representative.

  • "Particular attention should be given to activities which involve new technologies." (5.4.4) All activities which involve significant uncertainty should receive "particular attention." New subcontractors, inexperienced personnel, and date constrained activities are encountered more frequently than new technologies and are at least as likely as to cause quality problems.

  • "All informal agreements which affect the project performance should be formally documented." (5.9.2) If informal agreements are documented, donít they become formal? If not, is it possible to have a formal agreement that is not documented?

  • Work breakdown structure, critical path, project objectives, project life cycle, project network diagram, project scope and many other project management terms are used without being defined. Since many of these terms are understood differently in different application areas, the absence of agreed definitions may cause considerable confusion.
Finally, the document is inconsistent in much of the guidance it gives. For example:
  • In the subclauses related to cost and schedule control, the document states that "action should be taken to ensure that unfavourable variances do not affect project objectives." Similar text is missing from the subclauses related to resource and risk control: I can ignore resource variances in these areas that affect project objectives and still be in compliance!

  • Subclause 5.11.4 says that "there should be a procedure for subcontracting" and 5.6.2 requires a "defined procedure" for budget acceptance. None of the other processes suggest a need for procedures. I can do everything else ad hoc and still be in compliance.
In summary, the use of ISO 10006 as a reference document for an organization involved in project management, for project management procurement, or by project managers themselves is not recommended.


© 1998 Project Management Partners

Return to Articles


About Us | Consulting | Training | Resources | Home



A Guide to the Project Management Body of Knowledge is a publication of the Project Management Institute, Inc.
The Project Management Institute, Inc. does not support or endorse William R. Duncan or Project Management Partners.