The changes being made in ISO 9001:2015 are considerably more substantial than those produced during the 2008 revision. Below is a short summary of the main developments. Without debating their benefits, we will attempt to highlight some reasons for these changes.
1. The standard is rewritten according to the HLS (High Level Structure)
The ISO 9001:2015 standard has been restructured: chapter and subchapter titles, as well as the order of clauses and paragraphs, were completely revised.
Overall, this restructuring does not affect the standard’s content or requirements. When examining the text in detail, however, the structure has changed to comply with new composition guidelines and topic sequences.
This change reflects a strategic choice that will gradually be applied all ISO standards of management system. Initiated on ISO 55001 (Asset Management System), the new structure is consistent with Appendix SL to the ISO Directives, Part I.
With this new common structure, ISO aims to help businesses and organizations more easily integrate all or parts of their various management systems and ultimately achieve a truly unified management system.
This consistent common structure makes it easier for companies to include components of other standards that it deems relevant: parts of the environmental standard ISO 14001:2015, the asset management standard ISO 55001 and even the future ISO 45001 standard on occupational health and safety management.
2. Risk management becomes a foundation of the standard
Each major revision of the standard introduces a concept that allows certified companies to reach a new level of maturity.
Risk management based on a “risk-based thinking” approach has become fundamental in the revised standard: risk identification, qualification and management. Quality results from proper management of these risks, which go beyond the strict scope of the product or service delivered. Quality cannot exist unless the organization can provide its client a conforming product or service over the long term.
Risk has its counterpart: opportunity. The ISO 9001:2015 standard also embraces this concept of positive uncertainty.
Of course, risk is an additional concept that in no way supersedes the concept already present in the standard. Risk is incorporated into the fundamentals and rounds out these notions. As such, the process approach and PDCA remain two essential pillars.
Managing risk also means working towards continuous improvement. Corrective action corresponds to an unidentified, wrongly qualified or mismanaged risk; preventive action addresses a risk of possible but un-occurred noncompliance.
The commitment to quality through strong and visible leadership is strengthened:
- The idea of a “management representative” disappears completely.
- The quality policy and stated goals must be deeply in keeping with the strategic orientations.
- QMS requirements must be merged into business processes.
4. A standard purposely open to the service industry
The context in which organizations evolve has changed and the revision of the standard takes into account the evolutions in the way organizations do their business or activities. Originally drawn up for manufacturing and industrial sectors, ISO9001:2015 has been a victim of its own success, and many organizations from other areas have made it their own.
The ISO9001:2015 revision takes these changes into consideration. Its choice of vocabulary and level of abstraction simplify implementation in all industries, including services.
5. No more quality manual?!
Once an integral part of the ISO standard, will the quality manual disappear?
Indeed, it is quite possible, but not in the near future, as the idea of the quality manual is deeply rooted into the culture of quality.
The revision no longer requires certified organizations to maintain an up-to-date quality manual. Be aware, however, that the documentation requirement is still part of the standard. It is still necessary to document, maintain and preserve relevant information. A quality manual therefore remains one possibility for fulfilling this requirement, albeit not the sole solution.
The purpose of the standard is to take account of technological and societal changes. Information is no longer created, organized, managed, maintained, disseminated and accessed as it was 20 years ago when paper was the primary medium.
This change also allows for greater flexibility in companies’ organization. It is now possible to comply with the standard without jeopardizing managerial agility, as long as the fundamental principles are respected.
6. Importance given to the context surrounding the certified organization and to its stakeholders
Two new clauses (4.1 and 4.2) require greater consideration of the context surrounding the organization. They require a context analysis, as well as the stakeholder identification and the understanding of their expectations.
7. Knowledge is a resource like any other
In its 2015 revision, ISO 9001:2015 is once again adapting to its times. Knowledge has become key to successful projects and business development. The new standard considers knowledge like any other resource to be managed:
- Identify the knowledge necessary to carry out the activity in compliance with the QMS and to achieve the defined objectives.
- Knowledge must be maintained, protected and made available where necessary.
- Anticipate changes in knowledge needs and manage the risk of failing to acquire knowledge in due time.