The original ISO 9001 was released in 1987. It has been revised three times, so far – in 1994, 2000, and 2008 – and an updated version is scheduled to be released shortly.
The last major revision to ISO 9001 was in 2000. The 2015 version is the second significant departure from the preceding version.
The structure of ISO 9001:2015 differs from that of its predecessors:
- There are ten clauses, rather than eight.
- ISO’s Annex SL, a general framework for management systems, will make it possible for organizations to coordinate compliance with multiple standards with less effort and confusion.
- Documents and records are no longer differentiated. Instead, the ISO 9001 update refers to “documented information”.
- No longer will there be “required procedures”.
The structure isn’t the biggest change to come to ISO 9001, however. The most important differences in ISO 9001 are in the emphasis on the context of the organization and on risk-based thinking. The “context of the organization” refers to the influence of external – and to some extent, internal – issues on an organization’s strategy and purpose. That is, organizations do not operate in isolation, so they must consider the impact various issues will have on them.
Public companies subject to Sarbanes-Oxley and related legislation know what risk-based thinking means. When SOX was passed back in 2002, companies were led to believe or they interpreted the law to mean that they had to implement mass internal controls on financial reporting. After several years of missteps and complaints, the SEC and PCAOB decided attention should be focused on the greatest risks companies faced, rather than every potential risk.
In ISO 9001, risk-based thinking essentially means that organizations will no longer be required to account for every possibility of noncompliance when developing their quality management systems. Organizations should account for risks to quality according to their likelihood and potential impact.
As of July, 2015, the quality standard is in final draft form (FDIS ISO 9001:2015). This means auditors can’t be formally trained or certified to ISO 9001:2015 until after it is released.
Companies and auditors certified to the current version of ISO 9001 will have three (3) years from the release of ISO 9001:2015 to be certified to the new version of the standard. As an auditor who is due for ISO 9001 recertification in the coming months, I plan to become certified to the 2015 version as soon as practicable. Following that, I look forward to when organizations will be preparing for ISO 9001:2015 certification.
Are you getting ready for the coming ISO 9001 revision? How?
* * * * * * * * *
Are you a small business owner? Are you in need of internal quality audits but don’t have the time or budget? Do you want to know how your business stands with respect to ISO 9001? Do you plan (need) to have your QMS certified to ISO 9001:2015, or would you just like to apply the principles of the quality standard to your business?
Q9C Consulting helps small businesses get the maximum value out of ISO 9001 and other standards and we can help you. We act as your quality department, but without the overhead. We conduct “internal” audits, to gauge your degree of compliance and ensure your compliance with ISO standards. We can also help you develop and implement your own quality management system.
For a free consultation, get in touch with us.
 The potential for sudden and rapid fluctuation in stock markets – like what we’ve witnessed in the last week – is one example.