ISO 9001 is a standard that sets out the requirements for a quality management system. It helps businesses and organizations to be more efficient and improve customer satisfaction while managing business risks more effectively. All organizations certified to ISO 9001:2008 need to upgrade to ISO 9001:2015 standard.
ISO 9001:2015 is designed to make the standard more generic and more easily applicable to service industries. Therefore, the term “product“ has been replaced by “products and services“ when specifically referring to the deliverables for the customer.
The most noticeable change to the standard is the new structure with 10 clauses. ISO 9001:2015 now follows the same overall structure as other ISO management system standards (known as the High-Level Structure), making it easier for anyone using multiple management systems.
How to address new requirements and amendments of ISO 9001:2015 standard and migrate from ISO 9001:2008 standard.
Context of the organization
The high-level structure and the core text established in Annex SL, Appendix 2, have introduced two new clauses related to the context of the organization: 4.1 Understanding the organization and its context 4.2 Understanding the needs and expectations of interested parties
These two clauses require the organization to determine the issues and requirements that can impact the planning of the quality management system (QMS) and can be used as input for the development of the QMS. The stakeholder approach, considered one of the most modern corporate governance principles, is new. This approach is based on the assumption that long-term business success can only be ensured by considering the requirements of company stakeholders.
In comparison to “Customer Relationship Management“ (CRM), which only addresses the relationship between an organization and its customers, the principle of Stakeholder Relationship Management (SRM) goes significantly further. It tries to balance the relationship of the organization with all, or with the most important, stakeholders/interested parties. These could include direct consumers, suppliers and retailers and other parties along the supply chain, authorities and other relevant interested parties.
As a new feature, the term “interested parties“ now also includes owners, people in an organization, bankers and even competitors. Although ISO 9001:2015 now points out that organizations must determine the requirements of the relevant interested parties, there is no new requirement to ensure goods and services meet the needs and expectations of these parties (with the exception of customers and authorities). Such a requirement would necessitate a change to the scope of the standard that is not permitted by the design specification for the final draft.
Process approach
The ISO 9001:2008 standard promoted the adoption of a process approach when developing, implementing and improving QMS effectiveness. The new standard does so even more explicitly in Section 4.4 Quality management system and its processes. This sub-chapter lists the essential requirements of a process-focused management approach. Inputs and outputs of each process must be defined. In the future, the standard will require the measurement of performance indicators and the assignment of responsibilities.
Risk-Based Thinking and preventive actions
The high-level structure and core texts specified in Annex SL, Appendix 2, does not include a clause stating specific requirements for “preventive action“. The reason is that acting as a “preventive tool“ is one of the key purposes of a formal management system. The emphasis on a risk-based approach is referenced in many places in the new QMS standard, from risk-based thinking in sub-clause 4.4 “Quality management system and its processes“, leadership issues in sub-clause 5.1.1 and a separate sub-clause in Section 6.1.2 “Actions to address risks and opportunities“ to risk-based approaches in “Operational planning and control“ (clause 8.1) and “Management review“ (clause 9.3). While ISO 9001:2015 demands that risks are identified and acted upon, there is no requirement for standardized risk management. It can be implemented as per choice and preference of the organization.
Documented information
The term “documented information“ replaces the previous terms “document“ and “record“. The intention was to give users more flexibility. This also applies to process descriptions. The organization determines the extent of documented information on processes, depending on factors such as process complexity or employee competence. Documented procedures previously required by the standard are no longer necessary.
Management responsibility
ISO 9001:2015 increases “management responsibilities“. The responsibilities of a Quality Management Representative now rest with top management but can still be delegated.
Management review
The scope of the management review is extended by the addition of the aspects “strategic direction of the organization“, consideration of the “relevant interested parties“ and “assessment of risks and opportunities“ at a strategic level.
In addition to this, ISO 9001 QMS standard requires more focused planning for quality objectives, process measurement, knowledge management, more emphasis on outsourcing management, external property, and change management.
MyEasyISO provides an easy to use and comprehensive tool to enable organizations to implement ISO 9001:2015 & migrate from ISO 9001:2008 to ISO 9001:2015 standard quickly, easily, effectively and in an employee friendly manner. Get a free trial at www.effivity.com
