STANDARD & LEGISLATION - UCIF Informs
Do System Certifications Still Bring Value for Companies in the Mechanical Engineering Sector? Manuela Casali, UCIF – Italian Surface Treatment Equipment Manufacturers’ Association, Milan, Italy
I
info@ucif.net
n the complex and delicate choice of a trusted industrial
degree, through an objective, standardised, transparent, and
or commercial partner, we all tend to select a supplier with
international technical reference framework.
a proven track record of expertise, professionalism, and
On the other hand, companies are now required to comply
reliability. However, how can we recognise these elements and on
with a significant number of both voluntary and mandatory
the basis of which parameters can we be sure of their effective
standards, which require an organisational and management
implementation within a company, be it large or small? Leaving
capacity that sometimes is not easy to reach. Despite
aside reputational information, which is still considered important
numerous efforts to make compliance easier to achieve, these
today despite being difficult to verify, one of the tangible
can call for complex preparation and availability of resources
indicators we can turn to is system certifications, i.e. certificates
and people.
that are issued by independent organisations to attest to the
The choice of having a management system in place should
achievement of certain standards in a specific field of activity.
be felt as a necessity to streamline and better understand
According to data published on the website of Accredia (the
how one’s company is organised with regard to the pursuit
Italian accreditation body), certifications in Italy are growing
of certain objectives. Certified companies demonstrate
steadily, with an increasing number of management system
a systematic, reflective approach to work, based on the
accreditations. Leading this ranking is the 9001 standard, the
use and sharing of information and communication. For
quality management system certification, followed by other
instance, one of the latest additions to the legislation in effect
increasingly specific certifications that are more tied to particular
was the integration between the General Data Protection
historical moments. Whereas it is almost “obvious” to have
Regulation (GDPR) and the ISO 27001 certification scheme, an
and maintain the ISO 9001:2015 certification, which offers
international standard that lists the requirements for setting
a guarantee to customers and demonstrates a company’s
up and managing information security management systems
commitment to continue to improve its processes and comply
(ISMS). Companies that are ISO 27001 certified are certainly at
with regulations, nowadays it is just as essential to focus on a new
a greater advantage from a procedural and systemic point of
way of doing business, one that ensures continuity of operations,
view in adopting certain provisions of the GDPR. Incidentally,
guarantees data protection, and safely promotes the creation of
it should be remembered that ISO certifications are voluntary,
increasingly innovative services while maintaining a high quality
whereas the European General Data Protection Regulation is a mandatory standard. It is also important to emphasise that a project that leads a company to obtain a certification should be an effort aimed at creating an added value and not an end in itself. Without this prerequisite, certification becomes a mere cost, which certainly enhances the organisation’s image on the market but generates neither value nor reputation.
© AdobeStock
156
N. 83 - SEPTEMBER/OCTOBER 2023 - international PAINT&COATING magazine