IJCA - Volume I - Flipbook - Page 40
40 The International Journal of Conformity Assessment
2022 | Volume 1, Issue 1
DOI: 10.55459/IJCA/v1i1/TA
Abstract
As organizations seek to become increasingly competitive and innovative,
knowledge management systems are emerging as critical assets. This
article reviews how knowledge is portrayed in management system
standards, examining the relationship and how it reflects on the
governance of organizations. The framework of ISO standards mentioned
in this article is useful for organizations that aim to develop a mature
roadmap to business resilience and continuity
Keywords: knowledge
management, knowledge
management system,
information, tacit knowledge,
explicit knowledge, ISO 30401,
ISO 9001, ISO 27001
Governance of Knowledge in Management Systems
Applications
By Tolga Aktaş, Management System Auditing Specialist
Overview of Knowledge and Knowledge
Management
The amount of data in our world is increasing—from
our personal lives to our professional pursuits,
revealing competition in every business field.
When processed, data evolves into information.
When combined with insights, information evolves
into knowledge, which helps organizations make
effective decisions and take actions in context.
Therefore, organizations can exist and maintain
their longevity by controlling knowledge. For this
reason, issues related to the protection, sharing,
and security of knowledge have come to the fore,
discussed and standardized.
Knowledge management (KM), on the other hand,
is defined as “management with knowledge” and “a
systematic and comprehensive approach to improve
results and learning” by ISO 30401, which emerged
as an academic discipline especially in the 1990s [1]
and was published by the International Organization
for Standardization (ISO) in 2018. As stated in ISO
30401, knowledge management “includes optimizing
the identification, creation, analysis, representation,
distribution, and application of knowledge to create
organizational value [2].”
Knowledge is classified differently across many
approaches; however, the most widely accepted
classification of knowledge is that of Polanyi [3],
who classifies knowledge as either tacit (implicit) or
explicit. Explicit knowledge is formal and structured
and can be codified to be shared. Tacit knowledge
is experiential, consisting of lessons learned while
executing tasks or projects and insights gained from
continuous problem resolution [4].
Tacit knowledge is the information we carry inside
us, in our brains. It is so ingrained in us that we
sometimes do not even know that we have it.
This makes it exceedingly difficult to share tacit
knowledge. For example, we know that car drivers
sometimes put themselves on “autopilot” and do
not remember the last kilometers they drove. When
we ask them how they did that action, they cannot
answer. These situations happen to all of us often.
We do things without knowing how we do them and
have a challenging time explaining the phenomena
to someone else. The collective power created by
the sum of implicit information is extremely valuable
for an organization.
Explicit knowledge is what we can express in words,
pictures, documents, or other means. Therefore, to
share our knowledge, we must first make it explicit.
Let us expand on this thought by circling back to
the example about driving. The most awkward
thing about teaching someone to drive is that we
assume that person knows a lot of things we do. We
are surprised when they do not understand what
we are saying. It can be difficult to translate all our
knowledge of driving into a form that is clear enough
to share, that is, in words, text, or pictures [5].
Whether it is tacit or explicit, for organizations,
the aim of KM is to generate knowledge from
information and convert it into a competitive
advantage. Today, ISO 30401:2018 is the main
standard that supports an organization’s ability
to develop a management system that effectively
promotes and enables value-creation through
knowledge.
Knowledge Management Systems
Standard: ISO 30401:2018
ISO 30401, first published in November 2018,
starts with an introduction stating the purpose,
importance, and range of KM that is followed by
guiding principles and a summary. There are 10
main sections—in line with the high-level structure
framework of ISO[6]—followed by three annexes for
informative purposes and a bibliography. Here is a
brief overview of these contents:
Section 1 – Scope: The scope of this standard
sets requirements and provides guidelines
for establishing, implementing, maintaining,
reviewing, and improving an effective management
system for KM in organizations.
Section 2 – Normative References: This publication
has no normative references.
Section 3 – Terms and Definitions: There are
30 terms defined briefly in this section to give
guidance to users.
Section 4 – Context of Organization: This section
mandates that an organization must understand
its context. An organization shall determine
external and internal issues that may affect its
knowledge management system (KMS) in addition
to needs and expectations of interested parties
in its business environment. This analysis helps
organizations determine the scope of a KMS, in
other words “knowledge domains,” which must
be available as documented information. The
standard gives three requirements as independent
dimensions of a KMS, which include knowledge
development, conveyance and transformation, and
KM enablers.
According to the standard, the development of
knowledge has a life cycle starting with acquiring
new knowledge, applying and retaining current
knowledge, and handling outdated or invalid
knowledge. The main purpose of these activities,
along with examples, is shown in Figure 1.
41
The standard emphasizes that a KMS shall include
activities and behaviors supporting different types
of knowledge flows such as human interaction,
representation, combination, internalization, and
learning with given examples. Also, enablers that
support KMS objectives are defined as human
capital, processes, technology and infrastructure,
governance, and KM culture.
Complying with the requirements stated in this
section and using the guidelines are the basis of
successfully implementing further steps of a KMS.
Section 5 – Leadership: This section mandates that
top management members within an organization
develop, document, and communicate a KMS
policy within said organization as well as
with interested parties. Demonstrating such
commitment is possible by making resources
available, directing and leading persons to
contribute to the effectiveness of a KMS,
and managing changes. For this purpose,
organizational roles must be clearly defined with
responsibilities, authorities, and competencies per
role.
Section 6 – Planning: Organizations shall consider
the consequences of risks and benefits of
opportunities based on context and plan actions
to address them. The standard also mandates
organizations to determine, document, and
communicate objectives that align with the KMS
policy. To achieve these objectives, organizations
shall have action plans that include a certain
time frame, designated responsibilities, and an
evaluation methodology of the results.
There are many reasons to implement a KMS (e.g.,
enhanced communication, better process results,
higher profitability, targeted marketing). According
to one source, risks can be caused by three
barriers: individual, organizational, and technology
[7]. Another classifies risks as either human,
technological, or operational knowledge risks [8].
Section 7 – Support: Organizations shall consider
Figure 1. Knowledge Development According to ISO 30401