Your Team Has Training. But Do They Have Competence? An ISO Standard Reveals the Dangerous Gap

Why do well-designed services and processes still fail unexpectedly? Organizations invest heavily in documenting procedures, establishing policies, and deploying sophisticated technology, yet critical breakdowns persist. These failures damage customer trust and disrupt operations, leaving leaders searching for a cause that isn't in their process diagrams. The reality is that human error remains a leading cause of service incidents, and skill gaps directly affect availability, security, and continuity.

The answer often lies not in policies, but in people. A service is only as strong as the individuals responsible for executing it. When a gap exists between what team members are supposed to be able to do and what they can actually do under pressure, failure becomes inevitable.

This article explores four counter-intuitive but critical lessons about competence drawn from the international standard for IT Service Management, ISO/IEC 20000-1. While these insights come from the world of IT, they reveal fundamental truths about organizational effectiveness that apply to any team, in any industry.

--------------------------------------------------------------------------------

1. It's Not Your Policies That Fail—It's Your People

While organizations invest countless hours and resources perfecting processes and policies, the primary point of failure is often human error and unaddressed skill gaps. A perfectly written procedure is useless if the person responsible for it lacks the skill, knowledge, or experience to apply it correctly.

The standard frames this reality with stark clarity, offering a principle that should be a focus for every manager:

Services do not fail because of policies—services fail because people lack the competence to apply them.

This is a critical shift in perspective. It forces leaders to look beyond documentation and focus on the critical link between strategic planning and operational excellence—a link forged by the real-world capabilities of their teams.

--------------------------------------------------------------------------------

2. The Great Misconception: Training and Certifications Aren't Competence

One of the most common mistakes organizations make is confusing training with competence. The standard draws a crucial distinction between the two: training is an "input," like attending a course or a workshop, while competence is an "outcome"—the proven ability to apply knowledge and skills to perform effectively. As audit insights make clear, "Training records alone do not prove competence."

This same logic extends to professional certifications. While valuable for building foundational knowledge, a certificate on a wall is not a substitute for demonstrated ability in a live environment. The standard's audit rule is clear and unforgiving on this point: Certification does not equal competence. Competence must be demonstrated in practice.

This distinction is vitally important because many organizations use training completion and certifications as a checkbox exercise. This creates a false sense of security, masking real skill gaps that remain unaddressed until they surface during a critical incident.

--------------------------------------------------------------------------------

3. You Can't Outsource the Competence Problem

The principles of competence management don't stop at your own payroll. They apply to any external personnel working under your organization's control, including contractors, consultants, and staff from managed service providers. A common and dangerous failure is assuming a supplier is competent simply because you have a contract with them.

When you outsource a service, you don't outsource the risk associated with it. If your supplier's staff lacks the necessary skills, your organization's services will suffer the consequences. Accountability remains with you, and that means taking concrete action. Competence expectations must be defined in contracts, and the competence of supplier staff must be actively monitored.

--------------------------------------------------------------------------------

4. The Forgotten Step: You Must Prove That It's Working

Defining competence requirements and providing training are only the first steps. The standard makes it clear that this is not enough. It explicitly demands that organizations "Evaluate the effectiveness" of any actions taken to build competence. Simply providing a training course doesn't fulfill the requirement; you must prove that the training actually worked.

The standard allows for several practical methods to perform this evaluation. Acceptable evidence can include:

• Performance reviews
• Observation of work
• Peer or supervisor feedback
• Analyzing incidents and errors to pinpoint skill-based root causes
• Testing or formal assessments

This final step closes the loop. It moves competence from a hopeful assumption to a demonstrable, evidence-based reality. It ensures that the skills you believe your team has are the skills they actually possess and can apply when it matters most.

--------------------------------------------------------------------------------

Conclusion: From Assuming to Knowing

The core message from the standard is a powerful one: true competence is not an assumption but a demonstrable, evidence-based reality. It is a proven, ongoing capability that must be carefully defined, actively developed, and—most importantly—rigorously evaluated. Shifting from a culture of training to a culture of proven competence is the difference between building resilient services and just hoping for the best.

Look at your own team and the people your services depend on. Are you assuming your people are competent, or are you prepared to prove it in an audit tomorrow?

Share This Article

Found this useful? Share it with your network: