ISO 9001 has undergone major revisions for 2015. Revisions akin to the 2000 version of the Standard. This is the first major set of changes since that year! What do organizations implementing or transition have to consider with the fall 2015 publication?
1. Clause 0.6 in the Introduction section of the draft ISO 9001:2015 standard is titled, "Compatibility with other Management System Standards." It notes that ISO 9001:2015 has adopted the new high-level structure developed by ISO to improve the alignment of all of its management system standards (ISO 14001, ISO 22000, ISO 27001, etc.) The high-level structure is defined in Annex SL of the ISO Directives and provides common:
· Clause sequence
The ISO 9001:2015 requirements are defined in an order that is consistent with organizational planning and process management:
· Context of organization and its system and processes (Clause 4)
· Leadership, policy, and responsibilities (Clause 5)
· Processes for planning and considering risks and opportunities (Clause 6)
· Processes for support, including resources, people, and information (Clause 7)
· Operational processes related to customers, products, and services (Clause 8)
· Processes for performance evaluation (Clause 9)
· Processes for improvement (Clause 10)
2. Context of the organization
Understanding an organization and its context, and the needs and expectations of interested parties, is central to maintaining a business. Section 4.1 of the revision requires an organization to determine "external and internal issues that are relevant to its purpose and its strategic direction."
After they are determined, the organization is to monitor those internal and external issues. The clause further requires an assessment of the organization’s ability to achieve the intended results of its QMS. The tool most capable of supporting compliance to section 4.1 is a SWOT or strengths, weaknesses, opportunities, and threats analysis. Another tool, the balanced scorecard, is also a likely candidate. Both are products of business, not necessarily quality management.
At its face, "business thinking" is a welcome addition to the standard, addressing a long-standing complaint that ISO 9001 is not understood as a business system with an output of quality.
3. Planning for the QMS
Clause 6.1, "actions to address risks and opportunities," is perhaps the single-most talked about addition to the standard. Clause 6.1 weaves together previous elements 4.1 and 4.2, understanding the context of the organization, and the needs and expectations of interested parties by requiring that analysis of these issues become actionable risk-based plans, targets and goals.
The accompanying note to section 6.1.2 provides excellent guidance in this regard, saying "Options to address risks and opportunities can include: avoiding risk, taking risk in order to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk or retaining risk by informed decision."
There is no mention of preventive action in ISO 9001:2015; it is expressed through the phrase "risk-based thinking." Clauses 6.1.1 and 6.1.2 continue the theme of borderless business and quality system planning and management. The risk-based thinking approach in ISO 9001:2015 is basic: After you know your challenges, develop appropriate plans and monitoring methods to mitigate the risk of inaction or incorrect in these defined areas.
4. Organizational knowledge
Clause 7.1.6 ushers in the discipline of knowledge management through the requirement that "the organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services." The point is that knowledge—what, how, when and often why—is required to generate consistent and conforming products.
Furthermore, the right people need access to this knowledge to create this desired outcome. Organizational knowledge management requires analysis and planning that are unique to each organization to balance the typical blend of competent people no longer requiring tools—such as work instructions—against those who do.
In ISO/DIS 9001:2015, Clause 4.3, determining the scope of the QMS, you will no longer find references to the term "exclusions." Instead, it’s up to the organization to decide which elements do not apply.
The choice to disregard a requirement is not allowed, however, if it pertains to normal operations. Furthermore, the text states, "If any requirement(s) of this international standard cannot be applied, this shall not affect the organization’s ability or responsibility to ensure conformity of products and services." The issue of applicability is tied to whether your organization is capable of producing consistent, conforming product.
There are other changes that organizations will need to consider:
· There is no longer a requirement for a Quality Manual
· “Product” is now “Products and services”
· The title “Management Representative” is gone, because:
· Management Responsibility has been revised to Leadership
· There is no longer a requirement for 6 documented procedures
· Document & Record Control is now Control of Documented Information
· The Process Approach is now mandatory
· “Outcomes Matter” – the emphasis is upon performance, not compliance
. The use of ISO 9000:2015 for definitions.