ISO 9001:2015

Revision overview

Alex Ezrakhovich

Head of Australian Delegation to ISOTC176,

Member of ISOTC176 SC2 Coordinating Group

October 2014

Purpose of presentation

To provide an overview of the revision of ISO 9001 which

will be published in 2015

Key perspectives

ISO 9001 needs to:

maintain relevance

integrate with other management systems

provide an integrated approach to organizational

management

provide a consistent foundation for the next 10 years

reflect the increasingly complex environments in which

organizations operate

ensure the new standard reflects the needs of all potential

user groups

enhance an organization's ability to satisfy its customers

What was considered?

the results of an extensive web-based user survey

the increasing diversity of ISO 9001 users

developments in knowledge and technologies

broader user interests

changes in industry

customers remain the customers remain the

primary focus

Main changes

an emphasis on risk-based thinking

increased emphasis on achieving value for the organization

and its customers

increase flexibility on the use of documentation

more readily applicable by “service” type organizations

High level structure

a new common format has been developed for use in all

management system standards

standardized core text and structure

standardized core definitions

Organizations implementing multiple

environmental, information security) can achieve

Organizations implementing multiple

management systems (e.g. quality,

environmental, information security) can achieve

better integration and easier implementation

The high level structure and common text is public information and can be found in Annex SL of the

www.iso.org/directives

Quality management principles

QMP 1 – Customer Focus

Statement

The primary focus of quality management is to meet

customer requirements and to strive to exceed customer

expectations.

Rationale

Sustained success is achieved when an organization

attracts and retains the confidence of customers and

other interested parties on whom it depends.

Every aspect of customer interaction provides an

opportunity to create more value for the customer.

Understanding current and future needs of customers

and other interested parties contributes to sustained

success of an organization.

Quality management principles

QMP 2 – Leadership

Statement

Leaders at all levels establish unity of purpose and

direction and create conditions in which people are

engaged in achieving the quality objectives of the

organization.

Rationale

Creation of unity of purpose, direction and engagement

enable an organization to align its strategies, policies,

processes and resources to achieve its objectives.

Quality management principles

QMP 3 – Engagement of People

Statement

It is essential for the organization that all people are

competent, empowered and engaged in delivering value.

Competent, empowered and engaged people throughout

the organization enhance its capability to create value.

Rationale

To manage an organization effectively and efficiently, it

is important to involve all people at all levels and to

respect them as individuals.

Recognition, empowerment and enhancement of skills

and knowledge facilitate the engagement of people in

achieving the objectives of the organization.

Quality management principles

QMP 4 - Process Approach

Statement

Consistent and predictable results are achieved more

effectively and efficiently when activities are understood

and managed as interrelated processes that function as

a coherent system.

Rationale

The quality management system is composed of

interrelated processes.

Understanding how results are produced by this

system, including all its processes, resources, controls

and interactions, allows the organization to optimize its

performance.

Quality management principles

QMP 5 – Improvement

Statement

Successful organizations have an ongoing focus on

improvement.

Rationale

Improvement is essential for an organization to maintain

current levels of performance, to react to changes in its

internal and external conditions and to create new

opportunities.

Quality management principles

QMP 6 – Evidence-based Decision Making

Statement

Decisions based on the analysis and evaluation of data

and information are more likely to produce desired

results.

Rationale

Decision-making can be a complex process, and it

always involves some uncertainty.

It often involves multiple types and sources of inputs, as

well as their interpretation, which can be subjective.

It is important to understand cause and effect

relationships and potential unintended consequences.

Facts, evidence and data analysis lead to greater

objectivity and confidence in decisions made.

Quality management principles

QMP 7 – Relationship Management

Statement

For sustained success, organizations manage their

relationships with interested parties, such as suppliers.

Rationale

Interested parties influence the performance of an

organization.

Sustained success is more likely to be achieved when

an organization manages relationships with its interested

parties to optimize their impact on its performance.

Relationship management with its supplier and partner

network is often of particular importance.

Structure 1/3

Foreword

Introduction

0.1 General /0.2 The ISO standards for quality management /0.3 Process

approach/0.4 Plan-Do-Check-Act cycle /0.5 “Risk-based thinking”/

0.6 Compatibility with other management system standards

1. Scope

2. Normative references

3. Terms and definitions

4. Context of the organization

Understanding the organization and its context

Understanding the needs and expectations of interested parties

Determining the scope of QMS

Quality management system and its processes

5. Leadership

Leadership and commitment

Quality policy

Organizational roles, responsibility and authority

Structure 2/3

6. Planning

Actions to address risks and opportunities

Quality objectives and planning to achieve them

Planning of changes

7. Support

Resources

Competence

Awareness

Communication

Documented information

8. Operation

Operational planning and control

Determination of requirements for products and services

Design and development of products and services

Control of external provisions of products and services

Production and service provision

Release of products and services

Control of nonconforming process outputs, products and services

Structure 3/3

9. Performance evaluation

Monitoring, measurement, analysis and evaluation

Internal audit

Management review

10. Improvement

General

Non-conformity and corrective action

Continual improvement

Annex A (informative) Clarification of new structure, terminology and

concepts

Annex B (informative) Quality management principles

Annex C (informative) The ISO 10000 portfolio of quality management

standards

Bibliography

1.Scope 2.Normative references 3.Terms and definitions

PLAN

4.Context of the organization

• Understanding the organization and its context

• Needs and requirements • Scope • Management System and its

processes 5.Leadership

• General Management commitment • Policy • Roles, responsibility and authority

6. Planning • Actions to address risks &

opportunities • Objectives and plans to achieve

them 7. Support

• Resources • Competence • Awareness • Communication • Documented information

DO

8. Operation

• Operational planning and control • Determination of requirements for products and

services • Control of external provision of products and

services • Design and Development of products and services • Production of products and provision of services • Release of products and services • Nonconforming products and services

CHECK 9. Performance evaluation

• Monitoring, measurement, analysis & evaluation • Internal audit • Management review

ACT 10. Improvement

• Non conformity and corrective action • Continual Improvement

ISO New Clause Structure

QMS Structure

4 Context of the organization

Understanding of the organization and its context

Expectations of interested parties

Scope of management system

QMS and its processes

5 Leadership

Leadership and commitment

Quality policy

Roles, responsibilities and authorities

6 Planning

Actions to address risk and opportunity

Quality objectives

7 Support

Resources

Competence

Awareness

Communication

8 Operation

Operations of planning and control

Determination of market needs and interactions with customers

Operational planning process

Control of external provision of products and services

Development of products and services

9 Performance and evaluation

Monitoring, measurement, analysis and evaluation

Internal audit

Management review

10 Improvement

Nonconformity and corrective action

Continual improvement

PLAN DO CHECK ACT

Documented information

Planning of changes

Production of products and provision of services

Release of products and services

Nonconforming products and services

Knowledge

Quality management system and

its processes

The organization shall establish, implement, maintain and

continually improve a quality management system, including

the processes needed and their interactions, in accordance

with the requirements of this International Standard.

The organization shall retain documented information to the

extent necessary to have confidence that the processes are

being carried out as planned.

Quality management system and

its processes

The organization shall determine the processes needed for

the quality management system and their application

throughout the organization and shall determine:

The required inputs and expected outputs

The sequence and interaction of these

processes

The criteria, methods, measurements and related performance indicators to ensure

the effective operation and control of these

processes

The resources needed and ensure

their availability

Responsibilities and authorities for these

processes

Risks and opportunities with an

appropriate action plan to address them

Methods for monitoring, measuring

and evaluation of processes and, if needed, change

processes to ensure intended results are

achieved

Opportunities for improvement of the

processes and quality management system

4.1 , 4.2, 4.3 Establish

context, define

relevant interested

parties & scope of

QMS

4.4 QMS - General &

Process Approach

5 Leadership

6 Planning

8 Operations

9 Performance

evaluation

Customers &

other

relevant

interested

parties

Requirements Inputs Outputs

Customer

Satisfaction

Products &

services

7 Support processes

10 Continual improvement

*

*

INPUTS

OUTPUTS

Plan the process -(Extent of planning depends

on RISK)

Do – Carry out

the process

Check - monitor / measure

process performance

Inte

raction w

ith o

ther

pro

cesses

Inte

ractio

n w

ith o

the

r pro

cesse

s

Act –

incorporate

improvements

as necessary

Supporting documents

certification transition plan and timeframe

guidance documents on specific topics, e.g. the process

approach

comparison of ISO 9001:2008 and 9001:2015

frequently asked questions

ISO website updates

Clarification of terms

Elimination of “take account” and “address”

The replacement of “establish” with:

“establish, implement and maintain”

“Outcomes” replaced with RESULTS

“Outsourcing” is replaced by “operation of a function or

process of the organization by an external provider”.

Production replaced with “Realization”

More attention to consistency:

defined/identified

as appropriate/as practical

ensured/assured

etc.

Structure and Terminology

The structure of clauses is intended to provide a coherent

presentation of requirements rather than a model for

documenting an organization’s policies, objectives and

processes;

There is no requirement for the structure of the quality

management documentation or a quality manual to mirror

that of the standard.

There is no requirement for the terms used by an

organization to be replaced by the terms used in the

standard to specify quality management system

requirements (for example organizations can use ‘records’,

‘procedures’, ‘protocols’, etc. rather than ‘documented

information’).

Major differences in terminology between

ISO 9001:2008 and ISO 9001:2015

ISO 9001:2008

ISO 9001:2015

Products

Products and services

Exclusions

Not used (may be applicability)

Documented procedure, records

Documented information

Work environment

Environment for the operation of processes

Purchased product

Externally provided products and services

Supplier

External provider

Outsourced

Externally provided

Monitoring and measuring equipment

Monitoring and measuring resources

Products and services

ISO 9001:2008 used the term ‘product’ to include all output

categories.

This International Standard uses ‘products and services’.

The term ‘products and services’ includes all output

categories (hardware, services, software and processed

materials).

Concepts related to results and related

concepts – outputs, products, services

success

(3.7.2) achieving an

objective

performance

(3.7.5) measurable result

sustainable success (3.7.2.1)

success over a period of time

risk (3.7.4)

effect of uncertainty on an expected result

objective (3.7.1)

result to be achieved

quality objective

(3.7.1.1)

objective related to

quality output (3.7.3)

result of a process

efficiency (3.7.6)

relationship between the result achieved and the resources

used

effectiveness

(3.7.7) extent to which

planned activities are realized and planned

results achieved

service (3.7.3.2)

intangible output that is the result of at least one activity

necessarily performed at the interface between

the provider and the customer

product (3.7.3.1)

output that is a result of activities

where none of them necessarily is

performed at the interface between

the provider and the customer

Products and services

The specific inclusion of ‘services’ is intended to highlight

the differences between products and services in the

application of some requirements.

The characteristic of services is that at least part of the

output is realised at the interface with the customer.

This means, for example, that conformity to requirements

cannot necessarily be confirmed before service delivery.

Products and services

In most cases, the terms ‘products’ and ‘services’ are used

together.

Most outputs that organizations provide to customers, or are

supplied to them by external providers, include both

products and services.

The organization needs to take into account where, for

example, a tangible product has some associated intangible

service or an intangible service has some associated

tangible product

OUTPUT

RESULT OF A PROCESS

There are four generic output categories, as follows:

services (e.g. transport);

software (e.g. computer program, dictionary);

hardware (e.g. engine mechanical part);

processed materials (e.g. lubricant).

OUTPUT

Many outputs comprise elements belonging to different generic output

categories.

Whether the output is then called:

service,

product,

software,

hardware or

processed material

depends on the dominant element.

For example, a car consists of:

hardware (e.g. tires),

processed materials (e.g. fuel, cooling liquid),

software (e.g. engine control software, driver's manual), and

service (e.g. operating explanations given by the salesman).

The ownership of a product can usually be transferred. This is not

necessarily the case for a service.

SERVICE

INTANGIBLE OUTPUT THAT IS THE RESULT OF AT LEAST

ONE ACTIVITY NECESSARILY PERFORMED AT THE

INTERFACE BETWEEN THE PROVIDER AND THE CUSTOMER

Provision of a service can involve, for example, the following:

an activity performed on a customer-supplied tangible product

(e.g. a car to be repaired);

an activity performed on a customer-supplied intangible

product (e.g. the income statement needed to prepare a tax

return);

the delivery of an intangible product (e.g. the delivery of

information in the context of knowledge transmission);

the creation of ambience for the customer (e.g. in hotels and

restaurants);

A service is usually experienced by the customer.

PRODUCT

OUTPUT THAT IS A RESULT OF ACTIVITIES WHERE

NONE OF THEM NECESSARILY IS PERFORMED AT

THE INTERFACE BETWEEN THE PROVIDER AND THE

CUSTOMER

Hardware is generally tangible and its amount is a

countable characteristic.

Processed materials are generally tangible and their amount

is a continuous characteristic.

Hardware and processed materials often are referred to as

goods.

Software consists of information and is generally intangible

and can be in the form of approaches, transactions or

documented information.

Context of the organization

There is no requirement in the standard for the organization

to consider interested parties which are not be relevant.

There is no requirement to address a particular needs and

expectations of relevant interested parties if the organization

considers that need and expectation not to be relevant.

The organization may decide to accept some additional

requirements to satisfy interested parties going beyond what

is strictly required by the standard.

Risk-based thinking

One of the key purposes of a formal management system is

to act as a preventive tool

Consequently, there is no separate clause or sub-clause

titled ‘Preventive action’ in the standard because the

requirements are now formulated to encourage risk-based

thinking throughout the planning, implementation,

performance evaluation and improvement of the quality

management system.

The risk-driven approach has also facilitated some reduction

in prescriptive requirements and their replacement by

performance-based requirements.

Although risks have to be determined and addressed, there

is no requirement for formal risk management or a risk

management system.

Application

The standard no longer makes specific reference to

exclusions when determining the applicability of the

requirements of the standard to the organizations quality

management system.

However, it is recognised that some adaptability of

application of requirements may be justified due to the size

of an organization, the management model it adopts, the

type of the organizations activities, and the nature of the

risks and opportunities it encounters.

However, this adaptability should not result in an increased

probability of failure to consistently provide conforming

products and services or a reduction in the organizations

potential ability to enhance customer satisfaction.

“Documented Information” or

“Documents & Records”

While this is a change in terminology from ISO 9001:2008,

the term ‘documented information’ does not need to be

adopted within an organization’s quality management

system.

Organizations can choose to use terms which suit their

operations and the changes introduced by the use of new

technology.

Where ISO 9001:2008 would have referred to documented

procedures (e.g. to define, control or support a process) this

is now expressed as a requirement to maintain documented

information.

Where ISO 9001:2008 would have referred to records this is

now expressed as a requirement to retain documented

information.

Organisational knowledge

Clause 7.1.5 Organisational knowledge addresses the need

for organization to determine and maintain the knowledge

obtained by the organization, including by its personnel, to

ensure that the organization can achieve conformity of

products and services.

The process for considering and controlling past, existing

and additional knowledge needs to take account of the

organization’s context, including its size and complexity, the

risks and opportunities it needs to address, and the need for

accessibility of knowledge.

The balance between knowledge held by competent people

and knowledge made available by other means is at the

discretion of the organization, provided that conformity of

products and services can be achieved.

Control of external provision of

products and services

Clause 8.6 Control of external provision of products and

services – addresses all forms of external provision,

whether it is by purchasing from a supplier, through an

arrangement with an associate company, through the

outsourcing of processes and functions of the organization

or by any other means.

The organization is required to take a risk-based approach

to determine the type and extent of controls appropriate to

particular external providers and externally provided

products and services.

There is no requirement for the organization to adopt the

use of the terms ‘external provider’ or ‘external provision’

within their quality management system.

Organizations can choose to use terms which suit their

operations.

The ISO 10000 portfolio of quality

management standards

The International Standards (and other ISO deliverables)

have been produced as part of the ISO 10000 portfolio of

quality management standards by ISO's Technical

Committee ISO/TC 176.

These International Standards can provide assistance to

organizations when they are establishing or seeking to

improve their quality management systems, their processes

or their activities.

Table shows the relationship between these standards and

the pertinent clauses of ISO9001.

The relationship of other ISO quality management and quality

management system standards (and other deliverables) to the

clauses of ISO 9001

ISO 9001

Clause No.

4

5

6

7

8

9

10

ISO 9000 All All All All All All All

ISO 9004 All All All All All All All

ISO 10001 8.2.4,

8.5.1 9.1.2

ISO 10002 8.2.4 9.1.2

ISO 10003 9.1.2

ISO 10004 9.1.1

ISO 10005 5.3 6.1,

6.2

All All 9.1 10.2

ISO 10006 All All All All All All All

ISO 10007 8.4.4

ISO 10008 All All All All All All All

ISO 10012 7.1.4

ISO/TR 10013 7.5.1

ISO 10014 All All All All All All All

ISO 10015 7.2

ISO/TR 10017 6.1 7.1.5 9.1

ISO 10018 All All All All All All All

ISO 10019

8.4

ISO 19011

9.2

Other important Information

The revision of ISO 9001 will impact on other related

standards and documents.

Expect changes to:

industry-specific standards

supporting documents

ISO 9001:2015 Timeline

June 2013 CD

(Committee Draft)

May 2014 DIS

(Draft International Standard)

July 2015 FDIS

(Final Draft International Standard)

September 2015

Published International Standard

2015 2014 2013

ISO 9001:2015 Certification

Transition Timeline

September 2015 start of 3 years transition period to

September 2018

•Certifications to ISO 9001:2008 will no longer be valid

after September 2018

2018 2017 2016 2015

September 2015

Published International Standard

Deadline for the accepting application for

certification to the ISO9001:2008 is 18 month

I need to ensure my organization...

knows about the key changes

understands the key concepts

plans to implement the new requirements

stays informed as the revision proceeds

takes full advantage of the revision of ISO 9001

ISO Connect

May 16 2014

ISO/DIS 9001 and ISO/DIS 9000 Quality Management System

Published

ISO 9001 and ISO 9000 Quality Management Systems has been

published as a Draft International Standard (DIS) and is now

available.

Main changes include

the same high-level structure used by other management system

standards which will help companies implementing more than one

standard,

the identification of risk and risk control as requirements in the

standard,

the requirement of top management to take a more active role in

aligning quality policies with business needs, and

a number of changes in terminology

DIS ballot for ISO 9001 was

approved on the 10th of

October by a VERY

comprehensive margin:

90% positive vote!

Latest news

What is next?

Updates will be made available as the

revision proceeds

Thank you!

alex@aeconformity.com

www.aeconformity.com

Results of DIS Ballot

:428 pages 3115 comments

Results of Ballot and comments – 3115

comments on 428 pages

Result of voting

P-Members voting: 64 in favour out of 72 = 89 %

(requirement >= 66.66%)

(P-Members having abstained are not counted in this

vote.)

Member bodies voting: 8 negative votes out of 79 = 10 %

(requirement <= 25%)

Approved

Canada

Finland

Germany

Ireland

Israel

Japan

South Africa

USA

Negative ballot:

PROCESS APPROCH