ISO 9001 is a standard that sets out the requirements for a Quality Management System. It helps businesses and organizations to be more efficient and improve customer satisfaction. A new version of the standard, ISO 9001:2015, has been launched, replacing the previous version (ISO 9001:2008).
Why has the standard been revised ?
ISO standards are reviewed every five years and revised if needed. This helps ensure they remain useful tools for the marketplace. The challenges faced by business and organizations today are very different from a few decades ago and ISO 9001 has been updated to take this new environment into account.
For example, increased globalization has changed the way we do business and organizations often operate more complex supply chains than they did in the past. In addition, there are increased expectations from customers and other interested parties and, with more access to information, today’s wider society has a stronger voice than ever before. ISO 9001 needs to reflect these changes in order to remain relevant.
What are the major differences?
The most noticeable change to the standard is its new structure. ISO 9001:2015 now follows the same overall structure as other ISO management system standards (known as the High-Level Structure), making it easier for anyone using multiple management systems.
Another major difference is the focus on risk-based thinking. While this has always been part of the standard, the new version gives it increased prominence.
ISO 9001:2015 has ten clauses instead of eight. The following table shows the relationship of the ISO 9001:2008 clauses to those in the new ISO 9001:2015.
ISO 9001:2015 puts more focus on input and output
There is more emphasis in ISO 9001:2015 on measuring and properly assessing the input and output of processes. According to ISO 9001:2015, an organization must closely monitor which articles, information and specifications are involved in the production process. Organizations must also clearly check whether good articles come out of the production process.
Summary of principal changes – ISO 9001:2008 to ISO 9001:2015
- ANNEX SL
Annex SL is a new management system format that helps streamline creation of new standards, and make implementing multiple standards within one organization easier. The new standard adopts the format and terminology of Annex SL.
Annex SL was developed to ensure all future ISO management system standards would share a common format, irrespective of the specific discipline to which they relate. Annex SL prescribes a high-level structure, identical core text, and common terms and core definitions.
This means that even when requirements are essentially unchanged between ISO 9001:2008 and ISO 9001:2015, these are frequently found under a new clause/sub-clause heading
• Leadership and commitment in ISO 9001:2015
ISO 9001:2015 also places more emphasis on leadership and management commitment. It requires greater involvement by top managers and business leaders in controlling the quality management system.
This way, ISO 9001:2015 is intended to encourage integration and harmonization with business processes and business strategies. The top management now has to take more responsibility for the effectiveness of the quality management system.
Because ISO 9001:2015 pays more attention to risk management, interested parties and the context of the organization, the quality management system also fits in better with the needs of the top management.
The quality management system is now more than ever a means for being strategically successful by addressing the needs of interested parties and by managing opportunities and threats.
The ‘management representative’ of ISO 9001:2008 was a member of the management committee who had the responsibility and authority for steering the quality management system along the right lines. ISO 9001:2015 does not mention this aspect any more. The idea behind the change is that quality is a matter for everyone and for all levels within the organization.
The removal of all references to the role of “management representative” reinforces the requirement to see quality management systems embedded into routine business operations, rather than operating as an independent system in its own right with its own specialist management structure and processes.
In ISO 9001:2008, the Clause 5, previously “Management Responsibility”, has now become “Leadership”. Top management are required to demonstrate that they engage in key quality management system activities as opposed to simply ensuring that these activities occur. This means that there is a need for top management to be actively involved in the operation of their quality management system.
- Context of the organization
ISO 9001:2015 requires an organization to construct its quality management system from now on from the specific context within which it is active. This means, among other things, that, as an organization, they have to take into account the needs and expectations of interested parties and that need to be evaluated and dealt with internal and external strategic questions. You have to show that, as an organization, you understand and respond to the expectations of all the parties concerned.
Two new clauses (4.1 and 4.2) are introduced in ISO 9001:2015 relating to the context of the organization. The organization is required to identify explicitly any external and internal issues that may impact their quality management system’s ability to deliver its intended results.
They must also understand the needs and expectations of “interested parties” (or stakeholders) – those individuals and organizations that can affect, be affected by, or perceive themselves to be affected by, the organization’s decisions or activities.
- Scope of the organization
ISO 9001:2015 places a greater emphasis on the definition and content of the scope of the quality management system than ISO 9001:2008 did. The scope sets the boundaries for, and identifies the applicability of, an organization’s quality management system.
Clause 4.3 requires scope to be determined in consideration of the organization’s context.
- Process approach
While ISO 9001:2008 promoted the adoption of a process approach when developing, implementing and improving the effectiveness of a quality management system, clause 4.4 of ISO 9001:2015 sets out specific requirements considered essential to the adoption of a process approach.
- Risk-based thinking is the core of ISO 9001:2015
Risk-based thinking has a very important place in ISO 9001:2015. Companies are now strongly encouraged as an organization to use risk analysis in order to decide which challenges they see in the management of their business processes.
To emphasize their dominance, the concept of ’risk’ occurs forty-eight times in ISO 9001:2015, compared with only three times in ISO 9001:2008.
The addition of risk-based thinking has made the ‘preventive measures’ of ISO 9001:2008 redundant. These preventive measures no longer appear in ISO 9001:2015.
ISO 9001:2015 focuses on the core concept of identifying and addressing potential mistakes before they impact the organization and more importantly they have a serious impact on the stakeholders of the company. ISO 9001:2015 now talks in terms of risk and opportunities. The organization must evidence that they have determined, considered and, where necessary, taken action to address any risks and opportunities that may impact (either positively or negatively) their quality management system’s ability to deliver its intended results or that could impact customer satisfaction.
The term “product” has been replaced by “products and services”. Previously, the inclusion of services as products was implicit. By including explicit reference to services, the standard writers are attempting to reinforce that ISO 9001:2015 is applicable to all organizations, not just those that provide tangible products.
This inclusion has include the generic standard which means all the organization operating with tangible and non-tangible goods or services are or can be included in this standard.
ISO 9001:2015 clause 10 recognizes that incremental (continuous) improvement is not the only improvement profile. Improvement can also arise as a result of periodic breakthroughs, reactive change or as a result of reorganization. Thus, the title of this clause is now “Improvement” (ISO 9001:2008 8.5.1 was “Continual improvement”).
- External provision
The phrase “externally provided processes, products and services” replaces “Purchasing” and “Outsourcing”. Clause 8.4 addresses all forms of external provision, whether it is by purchasing from a supplier, through an arrangement with an associate company, through the outsourcing of processes and functions of the organization, or by any other means. An organization is required to take a risk-based approach to determine the type and extent of controls appropriate to each external provider and all external provision of products and services.
ISO 9001:2015 no longer requires obligatory documented procedures or a quality manual. This is noteworthy. This is now referred to as ‘documented information’ in practically all clauses of ISO 9001:2015.
The definition states that it concerns ‘information that the organization has to control and maintain’. The information can be in any format and come from various sources and media. Diverse forms of evidence or documentation are therefore possible.
References to requirements for a documented quality manual, documented procedures and to quality records have been removed. Instead, throughout ISO 9001:2015 there are specific references to “documented information”. This is information that the organization is required to control, maintain and retain.
How it wishes to record this information is up to the organization itself; formats and storage methods are not prescribed in the standard. However, the organization need to be aware and safeguard the storage system with planned backup to mitigate the risk.
There has been a conscious attempt to revisit the wording of the standard with a view to making the requirements easier to understand and to aid its translation. Where requirements were previously implied, the wording of the standard has been amended to make them explicit.
Understanding the organization and its context, the adoption of a process approach, and risk-based thinking are perhaps the most significant examples but these are not the only instances, as a detailed examination of the clauses confirms. The aim of the upgraded version is to make it easier for the organization to understand the manual.
As in the 2000 and 2008 editions, the terms and definitions remain in the separate standard – ISO 9000:2015. ISO has also made the terms and definitions available
•Engagement of interested parties
In ISO 9001:2008, customers were often named as being the only interested party. This concept has been extended in ISO 9001:2015. Suppliers, personnel, shareholders, legislative bodies, society, internal customers, etc. are now included as interested parties, in addition to customers.
As an organization, they have to be aware of the importance of these interested parties’ (changing) requirements and standards, and anticipate them in the features of the products and services.
This has always been part of the standard in another form. Therefore, it is not expected that organizations will have to implement major changes in this respect. Organizations cannot make or deliver a good product without knowing the requirements and expectations of customers and interested parties in any case. This is the basis of a quality management system.
What benefits does the new version bring?
The new version of the standard brings the user a number of benefits. For example, ISO 9001:2015:
- Puts greater emphasis on leadership engagement
- Helps address organizational risks and opportunities in a structured manner
- Uses simplified language and a common structure and terms, which are particularly helpful to organizations using multiple management systems, such as those for the environment, health & safety, or business continuity
- Addresses supply chain management more effectively
- Is more user-friendly for service and knowledge-based organizations
If you are ISO 9001:2008 certified, what should you do?
The 2015 edition has now replaced the 2008 version. Since it has been revised to meet the needs of today’s business world, it is recommended that the company should update the quality management system to fit the new version. Every organization is different, so the steps needed to adjust the management system are likely to be unique to the situation.
A three-year transition period from the date of publication (September 2015) to move to the 2015 version. This means that, after the end of September 2018, a certificate to ISO 9001:2008 will no longer be valid.
The time is now to upgrade yourself to 2015 and consult with management consultant (Nepal Realistic Solution ) for upgrade. We are associated with a number of international certifying bodies who can guide through the process for your convenience.
Different Terminology in ISO 9001:2008 and ISO 9001:2015
The following table is a brief summary of a number of important changes to the terminology compared with ISO 9001:2008.
This is not an exhaustive list of the differences between ISO 9001:2008 and ISO 9001:2015, but it does show the main points.
How can companies transition from ISO 9001:2008 to ISO 9001:2015?
Assuming that a company is already ISO 9001 certified, it is recommended taking the following steps in order to comply with ISO 9001:2015:
- Baseline measurement
Perform a baseline measurement in the organization. Make a complete overview of the current status of your quality management system and the organization’s conduct of business.
- Plan of approach
Draw up a plan based on the baseline measurement. Thanks to this plan, you can take the time to make changes and to implement improvements step by step.
The planning of the approach can be assisted through management consultancies that specialize in management certification. Nepal Realistic Solution is one of those who have been involved with a number of companies assisting them with the certification process.
Implement the changes in accordance with the plan of approach. Incorporate measurement points and milestones.
- Auditing and process analysis
Measure whether the changes have had the desired effect. Measure the input and output of the processes you consider to be important because they are critical or risky, for example.
Have your organization certified according to ISO 9001:2015.
- Communication with interested parties
Show your interested parties not just the certificate, but also show them the results with pride. Let them see how well your organization manages its processes and continuously improves them.
The whole process of transition from ISO 9001:2008 to ISO 9001:2015 can be assisted by Nepal Realistic Solution. If you want our assistance you can call us at 01-5525887, 01-5008504 or simply reach us at firstname.lastname@example.org.
- (CQI), T. C. (2015, 09). ISO 9001:2015; Undertanding the International Standard. London, United Kingdom.
- Consulting, P. (2015, 10 13). Important differences between ISO 9001:2008 and ISO 9001:2015. Retrieved from Pauwels Consulting Engineering-Pharma-IT: https://www.pauwelsconsulting.com/blog/iso-9001-2015/
- ISO 9001:2015 vs. ISO 9001:2008 . (n.d.). Retrieved from Perry Johnson Registrars: http://www.pjr.com/downloads/ISO%209001%20CRM.pdf
- Manufacturer, P. I. (2017, 07 13). What are the 4 main differences between ISO 9001:2008 and ISO 9001:2015. Retrieved from Product Identification and HMI Manufacturer: http://www.cubbison.com/blog/iso-2015-vs-2008/
- Standardization, I. O. (n.d.). Moving from ISO 9001:2008 to ISO 9001:2015. Geneva, Switzerland. Retrieved from International Organization for Standardization: https://www.iso.org/files/live/sites/isoorg/files/archive/pdf/en/iso_9001_-_moving_from_2008_to_2015.pdf
- Stores, S. (2018). Comparision between ISO 9001:2008 to ISO 9001:2015. Retrieved from Standards Stores: http://the9000store.com/what-are-iso-9000-standards/what-is-iso-9001/iso-9001-2015-resource-center-comparison/