© 2014 NQA, USA

ISO 9001:2015 REVISION 10 THINGS TO KNOW

September 2014 Timothy Woodcome Director, NQA USA

© 2014 NQA, USA

ISO 9001:2015 - #1

ISO 9001 is currently under revision

As per the regular review cycle, ISO is in process of updating the ISO 9001 standard (current version 2008). ISO standards are typically reviewed

approximately every 5 to 7 years. Depending upon user input, some revisions are more or less substantial than others. The current revision appears to be fairly significant, primarily due to changes in structure, along with some additional

concepts/requirements.

© 2014 NQA, USA

ISO 9001:2015 - #2

The ISO Revision process is phased - The usual phases include the following:

© 2014 NQA, USA

ISO 9001:2015 - #3

Certified Organizations will have additional time to transition to the new standard.

It is expected that organizations will have up to three years from the ISO release date upon which to transition their existing certification (e.g. late 2015 to late

2018). Transitioning will require organizations to meet the revised requirements and demonstrate effectiveness of their processes. Certification bodies such as

NQA will be actively communicating and facilitating these transitions for customers.

© 2014 NQA, USA

ISO 9001:2015 - #4

Transition audits may require additional time.

NQA will strive to offer low or no-cost transition options (such as phased transitions across multiple audits), however additional audit time may be necessary for organizations looking to achieve 2015 certification in some

instances (e.g. special visit, single visit, etc.). Additionally, Accreditation Body oversight may specify additional time requirements that Certification Bodies will

need to comply with in order to provide suitable audit coverage of revised requirements. (This has yet to be determined at this time...)

© 2014 NQA, USA

ISO 9001:2015 - #5

ISO 9001:2015 will have a new structure

ISO has developed a ‘High Level Structure’ (aka Annex SL) to be utilized by the various ISO management system standards moving forward. This structure will

allow for more consistency and better alignment across management system disciplines such as quality, environmental, information security, etc. The new structure is set up with 10 clauses vs. the 8 clauses in ISO 9001:2008. There is

no requirement to have organizations’ re-number any documents or processes per se, however some organizations may find value in doing so. Further detail on the

new structure can be found in documents reviewing Annex SL.

© 2014 NQA, USA

ISO 9001:2015 - #6 Risk is made an explicit requirement

The inclusion of risk and related topics(e.g. opportunities, consequences, controls) is likely the most-discussed change to be seen in 9001:2015. As examples, “Actions to address risks and opportunities”

can be found in section 6, and evidence of risk can also be see in requirements for the QMS and its processes (4.4), Customer focus (5.1.2), and Management review (9.3). Related references to impacts,

consequences, controls, etc. can be found in virtually every section of ISO 9001:2015 requirements. The term “Risk-Based Thinking” has been coined to help the concept of risk pervade throughout the

QMS, and risk has also been incorporated into the process approach model. While many organizations may already practice some level of risk-based thinking, the challenges within 9001:2015 may include

the ability to demonstrate such an approach within their QMS.

Additional reading on risk can be found in these related documents:

• ISO 9001:2015 “Risk Based Thinking” (ISO/TC 176/SC 2/N1221)

• “Risk in ISO 9001:2015” (ISO/TC 176/SC 2/N1222)

© 2014 NQA, USA

ISO 9001:2015 - #7

Additional requirement changes to be aware of include:

© 2014 NQA, USA

ISO 9001:2015 - #8

Some specific requirements have been dropped from ISO 9001: 2008 – ISO 9001:2015 may not be as prescriptive in requiring certain documents or

specific roles. As examples:

It should be noted that these changes do not require organizations to eliminate existing documents, roles, etc. if they are found to be effective or necessary for operation of the QMS, but do provide additional flexibility.

© 2014 NQA, USA

ISO 9001:2015 - #9

Client Competence and Awareness needs

No specific ISO requirement will tell organizations what competencies or familiarity will be required of them for ISO 9001:2015, nor specifically how to gain such knowledge. However as a “change relevant to the QMS” (6.3, 9.3.1)

and thus pertinent to the implementation and maintenance of the QMS, organizations would be advised to review and ensure appropriate levels of

competence and awareness around the 9001:2015 standard. Means to do so may include external training, internal training, self-guided study (or combinations

thereof) so long as evidence confirming competence is retained (7.2).

© 2014 NQA, USA

ISO 9001:2015 - #10

Dual Compliance to ISO 9001: 2008/2015

Organizations should plan to remain compliant to the ISO 9001:2008 standard while preparing for and implementing changes for ISO 9001:2015. Early dis-

association from 2008 requirements may leave organizations without a valid ISO 9001 certification should their 2015 transition not go as planned. Organizations

should consider themselves ISO 9001:2008 certified/compliant until such time as they have their ISO 9001:2015 certificate in hand; only then should they consider

disassembling any 2008-required framework no longer mandated by ISO 9001:2015.

© 2014 NQA, USA

ISO 9001:2015 NQA has already released a series of communications for clients in an awareness-building effort of this coming transition. Much of NQA’s ISO 9001:2015 content may be found at www.nqa-usa.com via the ISO 9001:2015 Revision logo. Additional communications will include web

content, newsletter articles and face to face client conferences.

Additional publically-available resources include:

ISO/DIS/FDIS standard • www.iso.org • www.asq.org • www.ansi.org

ISO Technical Committee TC176 guidance documents • www.iso.org/tc176/sc2

• Go to “Public Information” folder in the “Library” section

NQA-USA • http://www.nqa-usa.com/services/iso9001

• Connects to various downloads, articles and content feeds