We live in an era where instability has become the norm. Wars, energy crises, pandemics, cyberattacks, extreme weather events: today, the real challenge for businesses is not just to be competitive but to be resilient. In this often-overlooked context, ISO standards reveal a new role: no longer just a synonym for “quality” but a true strategic shield against market instability. “ISO standards, which were created to ensure process compliance and reliability, are now evolving into a proactive model capable of helping companies anticipate and effectively manage crises. Quality is no longer a static stamp to display (no longer perceived solely as a sign of efficiency and compliance), but a dynamic network of protection, prevention, and response,” says Manolo Valori, Technical Director of CVI Italia—the Italian branch of Slovak-based CVI SRO—in this extended interview.
by Roberta Imbimbo
Mr. Valori, we are living in uncertain times. How can businesses prepare for the unpredictable?
Today, the only certainty is uncertainty. Therefore, being competitive is no longer enough. Companies need to be resilient. A business that can adapt and react quickly to external shocks is the only one that can survive over time. Wars, pandemics, energy crises, cyberattacks… the real difference is made by those who are prepared—those who have an effective process management system. And this is where ISO standards are essential: they offer a common language, a structure, and a discipline. They are not abstract rules, but operational tools to build solid organizations—ready to respond and capable of prevention.
Can ISO standards really help in times of crisis?
Absolutely. ISO certifications are no longer just quality labels: they have become strategic tools. Take ISO 22301, for example, which focuses on business continuity: it allows organizations to keep operating even during unforeseen emergencies. This is not just theory; it’s a methodological framework that guides organizations in identifying risks, setting up emergency plans, assigning precise roles, and simulating critical scenarios. Essentially, it enables a company to continue operating when everything else grinds to a halt. This is exactly what allowed InfoCamere to manage the pandemic without service interruptions. In just a few days, the consortium company of Italy’s Chambers of Commerce activated remote working for over 800 employees, maintaining full operations. This is the result of a tested system—not an improvised one. That’s why ISO standards, when genuinely adopted and not just for formality, truly make a difference during crises: they transform reaction into action, and uncertainty into procedure.
So ISO standards become a defensive system?
More than defensive, I’d say proactive. ISO standards are not just about damage control when things go wrong; they help prevent risks, detect them early, and manage them promptly and methodically. It’s a paradigm shift: quality is no longer just control—it’s foresight and adaptability. Take ISO 27001, the standard for information security. In a world where cyber threats are daily concerns—think ransomware, data breaches, and system shutdowns—we can no longer afford a reactive approach. We need a strategy, a structure that protects in a systemic and continuous way. ISO 27001 requires just that: identifying vulnerabilities, establishing countermeasures, training staff, and continually updating protocols. In many organizations, this standard has helped avoid major damage simply because the procedures were already in place before the emergency occurred. In this sense, ISO standards are far more than a defensive system—they’re an organizational culture that equips companies to move with awareness even in unstable environments.
What cultural change do Italian companies need today?
They need to stop seeing certifications as a mere obligation. ISO standards aren’t paperwork—they’re structure. They represent a risk culture. ISO 31000, the standard for risk management and assessment, makes it clear: a systemic approach is needed. This means identifying vulnerabilities, assessing risks, and planning effective responses. Many Italian SMEs still lack this mindset. Yet small businesses could benefit the most from it, as they are more exposed to crises and often the least protected. Implementing an ISO system is like having a compass. One shouldn’t think of these standards as rigid or expensive: many of them are scalable and adaptable even to lean environments. They represent a repository of internationally tested best practices that help companies build systems capable of withstanding real-world shocks.
Looking ahead, how will ISO standards evolve?
They’ll become increasingly integrated with new technologies. Big data, artificial intelligence, predictive simulations—all of this can help businesses manage complex scenarios. But the starting point remains the same: having a system. Only those who prepare can endure, and only those who endure can grow. Quality is not a luxury—it’s a necessity. And resilience is not improvised—it’s built. ISO standards today are the shared language for building stronger, more prepared, more secure businesses. In a changing world, we can’t afford to stand still. But we can—and must—be ready.
