This webinar was organized and presented by PECB International to learn about the changes of ISO 9001 standard, which is the world’s most popular standard for quality management.
In this webinar, you will learn about:
• Why ISO 9001 is changing?
• The new ISO 9001 structure
• What are the significant proposed changes?
• Understanding the difference between ISO 9001: 2008 and ISO 9001: 2015
• Planning the QMS transition
• Benefits of the new standard
This webinar was hosted by Lorika Bina, Course Development Manager for Quality Management Systems (QMS) at PECB International. She is in charge of developing and maintaining training courses related to QMS. Lorika holds a B.S. in Business Management from Rochester Institute of Technology.
PECB Webinar: ISO 9001:2015 Transition – Understanding the changes
1. Transition
ISO 9001:2008 to ISO 9001:2015
Lorika Bina
Course Development Manager (QMS)
PECB International
qms@pecb.com
www.pecb.org
2. Agenda
• An overview of ISO 9001
• Why are revisions needed?
• ISO 9001:2015 development stages
• ISO 9001 most significant changes
• Related standards affected by this change
• Recommendations
3. An overview of ISO 9001
ISO 9000 family addresses various aspects of quality
management.
ISO 9001 sets out the requirements of a quality
management system, and it is the only standard in the
family that can be certified to.
Over one million companies and organizations in over
170 countries.
4. An overview of ISO 9001
Industry survey results (ISO survey 2013)
,0
200,000
400,000
600,000
800,000
1000,000
1200,000
1993 1995 1997 1999 2001 2003 2005 2007 2009 2011 2013
ISO 9001 - Worldwide total
Middle East
Central and
South Asia
East Asia and
Pacific
Europe
North America
Central and
South America
Africa
5. Why is ISO 9001 being revised?
All ISO standards are considered for
revision periodically to assure relevance
and adequacy.
In 2012, international ballot agreed the
need for ISO 9001 revision
Information availability
Increased service prominence
Increased interested parties’ expectations
Better integration with other MSS*
More complex supply chain
Globalization
ISO standards
Revision
Considerations
ISO 9001:2008
Revision
Considerations
6. Revision Timeline
June – October 2012
June – September 2013
May – October 2014
Current
February 2015
September 2015
May – June 2012
Proposal Stage Committee Stage
(CD)
Approval
Stage (FDIS)
Preparatory Stage Enquiry Stage (DIS)
Expected
publication
ISO 9001 revision
8. Annex SL
High level structure
for development of
new ISO
management
systems standards;
Identical core texts;
common terms and
definitions for use
in all management
systems standards;
Enhance the
consistency and
alignment of
different
management
systems standards;
Beneficial for
Integrated
Management
Systems;
9. ISO 9001:2015 Structure
New standard will have 10 clauses
Section 1 Scope
Section 2 Normative references
Section 3 Terms and definitions
Section 4 Context of the organization
Requirements
Section 5 Leadership
Section 6 Planning for the quality management system
Section 7 Support
Section 8 Operation
Section 9 Performance evaluation
Section 10 Improvement
Annex A Clarification of new structure, terminology and concepts
Annex B Quality management principles
Annex C The ISO 10000 portfolio of quality management standards
10. Quality principles (ISO 9001:2008 vs
ISO/DIS 9001
ISO wants to change 8 quality principles to 7
ISO Principles
Current 8 QMPs Proposed 7 QMPs
1. Customer focus 1. Customer focus
2. Leadership 2. Leadership
3. Involvement of people 3. Engagement and competence of people
4. Process approach 4. Process approach
5. System approach to management 5. Improvement
6. Continual improvement 6. Informed decision making
7. Factual approach to decision making 7. Relationship management
8. Mutually beneficial supplier relationships
11. Process Approach
ISO/DIS 9001, clause 0.3
Customer
Satisfaction
Customers
& other
relevant
interested
parties
5 Leadership
8 Operations
6 Planning
9 Performance
evaluation
4.1, 4.2, 4.3
Establish context,
define relevant
interested parties
& scope of QMS
10 Continual Improvement
7 Support Processes
4.4 QMS- General
Process - Approach
OutputsInputs
Products &
Services
Requirements
*
*
12. Risk-based approach
One of the key changes in
the ISO 9001:2015 standard
is to establish a systematic
approach to risk.
The standard
promotes risk-based
thinking.
Instead of being only
part of the preventive
action procedure, risk
is considered
thoughout the quality
management system.
1
2 3
13. Where is risk addressed in ISO 9001:2015?
Risk can be found in all clauses
of ISO/DIS 9001ISO 31000
Introduction
Definitions
Risk-based thinking concept is explained
in clause 0.5 of ISO/DIS 9001.
The ISO/DIS 9001 references ISO 31000
wich is a standard that provides guidance
to risk management.
The risk-based approach is used
throughout the revised quality
management system standard.
Risk is defined in clause 3 of IDO/DIS 9001, as
the effect of uncertainty on an expected result..
14. Why should I adopt risk-based thinking?
To establish a proactive culture of prevention and
improvement.
To improve customer confidence and satisfaction.
To assure consistency of quality of goods and services.
Successful companies intuitively take a risk-based
approach.
Why adopt
risk-based
thinking?
15. Terms and Definitions
ISO/DIS 9001, clause 3
Terms and Definitions
Since ISO 9000 is not anymore a
reference in Normative References
section of the ISO/DIS version of
the standard, all the terms and
definitions are included in the
standard itself.
Some of the new terms that have
been added to the standard include
goods and services, documented
information, monitoring,
performance, outsource,
involvement, risk, and so on.
Risk
Monitoring
Performance
Involvement
Outsource
Process
16. Context of the organization
ISO 9001:2015 – Clause 4
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the QMS
4.4 Quality management system and its processes
17. Leadership
ISO 9001:2015 – Clause 5
LEADERSHIP
5.1 Leadership and commitment
Term changed from “management commitment”.
5.2 Quality policy
No quality manual required, only the quality policy
5.3 Organizational roles, responsibilities and
authorities
No management representative
18. Planning for quality management system
ISO 9001:2015 – Clause 6
Planning
6.1 Actions to address risks and opportunities – New!
The organization is required to take actions to identify risks and opportunities.
6.2 Quality objectives and planning to achieve them
ISO 9001:2015 sets more clear requirements on planning how the objectives should be
realized.
6.3 Planning of changes
ISO 9001:2008; 5.4.2 under (b) required that an organization needs to ensure QMS
integrity when changes are planned and implemented.
19. Support
ISO 9001:2015 – Clause 7
7.1 Resources 7.3 Awareness
7.5 Documented
Information
7.4 Communication
Except for internal,
communication in IDO/DIS
9001 includes external
communication as well
7.2 CompetenceResources in ISO 9001:2015
include people, infrastructure,
environment for the operation
of processes, monitoring and
measuring resources,
organizational knowledge
Clear statement that awareness
now includes the quality policy,
objectives, contribution and
implications of non-conforming
with the requirements.
More flexibility of the type of
documents, but format must be
appropriate and documented
information must be controlled
Slight re-wording and a
NEW note.
20. Operation
ISO 9001:2015 – Clause 8
8.2 Determination of requirements for
products and services
‘Services’ were added in the requirement, whereas in the 2008
version the term ‘product’ included all output categories
8.1 Operational planning and control
“Product realization” clause of 2008 version has been replaced
with “operation”.
8.3 Design and development of
products and services
This 8.3.1 is an additional sub-clause to describe when “design
and development” process is applicable
No verification and validation
8.4 Control of externally provided
products and services
This is compatible with purchasing in ISO 9001:2008
Modification done to avoid confusion
8.5 Production and service provision
Now it is required from organizations to address properties from
suppliers, outsourced parties or other external providers.
Post-delivery activities & Control of changes – New!
8.6 Release of products and services
In ISO 9001:2008 it is “8.2.4 Monitoring and measurement of
product”, whereas the term was changes in the new version to
“8.6 Release of products and services
8.7 Control of nonconforming
process output
No requirement for “documented procedure”.
21. Performance evaluation
ISO 9001:2015 – Clause 9
Slight modifications in this
requirement, as it has not
requirement for
‘’documented procedure’’.
Clause 8 Measurement,
analysis and
improvement of ISO
9001:2008 has been
divided between clauses
9 and 10 in the ISO/DIS
9001
9.3 Management review
Only the number of clause ‘5.6 Management
review” was changed to 9.3
22. Improvement
• This is a new clause to fit
Annex SL format, but it
contains requirements from
clause 8 of ISO 9001:2008
• ISO 9001:2015 pays more
attention to improvement
• Improvement includes
improvement to process,
product and QMS results.
• Preventive action was removed
from the new version of the
standard
ISO 9001:2015 – Clause 10
Maintenance
Implementation
Improvement
23. Related standards affected by this change
• TL 9000 – QMS for Telecom
• AS9100 - QMS for Aviation, Space, and Defense
Organizations
• ISO 29001 - QMS for the Petroleum and Natural Gas
Industry
• ISO/TS 16949 - QMS for Automotive Industry
• ISO 13485 – QMS for Medical Devices
Sector-specific standards
24. Recommendations
Organizations using ISO 9001:2008 can do the following:
Identify organizational gaps which need to be addressed to
meet new requirements.
Develop an implementation plan.
Provide appropriate training and awareness for all
parties that have an impact on the effectiveness of the
organization.
Update the existing quality management system (QMS) to
meet the revised requirements and provide verification of
effectiveness.
Where applicable, liaise with their Certification Body for
transition arrangements.
What can
we do?
One of the most used ISO standard worldwide is ISO 9001 (Quality Management System - QMS). ISO 9000 family addresses various aspects of quality management for organizations who want to ensure that their products and services meet customer’s requirements.
This standard is implemented by more than 1 million organizations in more than 170 countries. ISO 9001 gives the requirements for a Quality Management System enabling organizations to meet their customer quality requirements in terms of customer satisfaction, regulatory compliance and continual improvement.
Comprehensive growth of the 2013 edition has reached a 4% increase in the number of certifications that were issued on the entire ISO management system family. As a result of the survey conducted, ISO standards have shown growth in the respective set of standards, such as: information security management (ISO/IEC 27001) showed an increase of 14%, food management (ISO 22001) and medical devices sector (ISO 13485) showed an increase of 15 %. Strikingly, the US tops the certification charts for medical devices, a field otherwise dominated by Europe which claims a substantial 60 % share of the market.
ISO 9001 and ISO 27001 are the standards that remain strong in the European and American markets, they are considered blueprints of the ISO standards. These standards have grown ever since the 1990s, and the ISO 9001 has shown a continually stable growth of 3%, whereas ISO 27001 has surpassed the previous standard and showed an increase of 6%. Although these two standards are the most used standards, ISO 9001 enjoys a higher popularity among 187 countries. Another ISO standard that has shown an increase of 7% is ISO 16949, the automotive quality management system. Finally, the fastest growing standard with the highest growth rate is the energy management system standard, the ISO 50001, which reached a 116% increase. This standard remains mostly implemented in Europe, namely Germany.
Source: www.iso.org
ISO performs systematic reviews every 5-8 years to keep these standards up-to-date. It adjusts them to changes in the environment with the aim at improving organization’s ability to offer products and services that meet customer’s requirements.
ISO 9001 needs to change to:
adapt to a changing world
enhance an organization's ability to satisfy its customers
provide a consistent foundation for the future
reflect the increasingly complex environments in which organizations operate
ensure the new standard reflects the needs of all interested parties
integrate with other management systems
The new version of ISO 9001:2008 will be released in September 2015. The latest draft of the standard, ISO/DIS 9001 (Draft International Standard), was moved to the final stage of the review after it received around 90% approval votes. During the ISO/FDIS 9001 (Final Draft International Standard), the subcommittee goes through the public comments given in the previous stage of the development, and incorporate those relevant to the aim of the final draft.
September 2015 start of 3 years transition period to September 2018
Certifications to ISO 9001:2008 will no longer be valid after September 2018
Within the changes that the ISO has posed in the ISO 9001, Annex SL, is what has previously been known as ISO Guide 83. Annex SL provides the basis of a generic management system. It is created in such a form that it helps companies of all sizes implement the management systems easier and with the same accuracy, with less documented requirements. Annex SL, remains an important tool for the businesses that will implement multiple management systems. It is designed in a generic form that encompass a “high level structure”, the core of which consists of 8 clauses and 4 appendices that will cover areas from support to operations, and leadership to planning.
ISO 9001:2015 and all future management system standards will follow the new common structure for management system standards. This will help organizations with integrated management systems. More and more organizations have to manage several compliance frameworks simultaneously. To simplify the work, to avoid conflicts and to reduce duplication of documents, it is recommended to implement an integrated management system. An integrated management system (IMS) is a management system which integrates all components of a business into one coherent system so as to enable the achievement of its purpose and mission.
The ISO 9001:2008 standard is based on eight quality principles which are usually used by the top management as a guide to quality improvement. They are defined in ISO 9000 and in ISO 9004. However, these principles are going to be modified in the ISO 9001:2015 version. The new version of the standard will be based on seven principles and they include: customer focus, leadership, engagement and competence of people, process approach, improvement, informed decision making, and relationship management.
In terms of terminology the first and second principles, customer focus and leadership, have not changes from the 2008 version. The third principle, “involvement of people”, is renamed to “engagement and competence of people”. The fourth principle (Process Approach) has remained the same, whereas the fifth one has merged with the fourth one and has been removed, bringing the number of principles to seven. In addition, some terminology modification was made to the sixth, seventh, and eighth principle. The sixth principles was modified from “continual improvement” to “improvement” only. The seventh was modified from “factual approach to decision making” to “informed decision making”, and the last one was modified from “mutually beneficial supplier relationships” to “relationship management”.
The new version of ISO 9001 promotes the process approach beyond the existing requirements of ISO 9001:2008
The application of the process approach will vary from one organization to the next depending on its size, complexity and activities
Organizations often identify too many processes
Requirements for adopting a process approach can be found in clause 4.4 of ISO/DIS 9001.
Risk-based thinking is what people regularly do to make decisions.
Organizations face external and internal risks that endanger the possibility of achieving their goals and objectives. This is why in ISO/DIS 9001 the concept of risk is built into the entire management system.
The risk-based thinking is more explicit in the new version of the standard, whereas risk concepts were only implicit in the 2008 version. For example, by identifying nonconformities as a type of risk through preventive action analysis.
Risk can be found in the following:
Clause 4 (Context) the organization is required to determine the risks which may affect the quality management system.
Clause 5 (Leadership) top management is required to ensure that clause 4 is followed.
Clause 6 (Planning) the organization is required to take actions to identify risks and opportunities.
Clause 8 (Operation) the organization is required to implement processes to address risks and opportunities.
Clause 9 (Performance evaluation) the organization is required to monitor, measure, analyse and evaluate the risks and opportunities.
Clause 10 (Improvement) the organization is required to continually improve its processes while responding to changes in risk.
The ISO/DIS 9001 version of the standard has a list of terms and definition since a revised ISO 9000 is not yet released. The list of terms and definitions in ISO/DIS 9001 will be modified after the new version of ISO 9000 is published.
Except for the change in structure of ISO 9001, the standard has some important changes in terminology as well. As of the ISO/DIS 9001 version, the word “product” is replaced by “good and services”. This was done due to the high growth of the service industry, as such making the adoption of the standard easier for that sector.
The words “document” and “record” were replaced with the term “documented information”. This was done in order not to specify the type of documentation that the organization needs to use, but instead to chose the documentation method based on the nature of nonconformity, subsequent actions, and consequences.
Some definition are revised in ISO/DIS 9001, such as “corrective action” and “continual improvement”, whereas others have not been revised, such as “conformity” and “nonconformity”. There were 69 terms included in the standard and some of them include:
documented information, outsource, risk, product, service, organization, interested party, data, statutory requirements, regulatory requirements, provider, context of the organization, function, knowledge, performance indicator, and so on.
Clause 4.1 is a new requirement and a very important one, becuase it is necessary to obtain an overview of the organization to understand quality challanges of the organization, and the risk inherent in that market segment.
The organization should determine internal and external environment to determine the issues that are relevant, and can prevent the success of quality management system implementation.
It is also important to monitor and review the issues that can influence the ability of organizations to achieve the intended results from the QMS.
Understanding the needs and expectations of interested parties is a new requirement in the ISO/DIS 9001. This clause requires from organizations that are implementing the QMS to identify the interested parties and determine how they affect the management system.
In order to align with other Management System Standards, the ISO/DIS 9001 has adopted the clause documented information. Documented procedures (e.g. define, control or support a process) requirement in 2008 version now is expressed as a requirement to maintain documented information. In addition, records are expressed as a requirement to retain the documented information, in ISO/DIS 9001.
The major change that was made to this clause is that there are no mandatory procedures in the revised version, meaning that concepts such as ‘documented procedure’ or ‘records’ are not used within the standard. Organization still need to include documentation information that are required by the standard.
Not requiring quality manual and documented procedures is a significant change. Clearly, the intent is to make things easier for the organization. Documented information may be a series of pictures or a video on the shop floor. This might make things more challenging for auditors, especially those whose start an audit by saying, "Show me your procedure for this....“. Auditors will have to work harder to ensure that an activity/process is truly implemented and maintained.
To be effective, the management system must be maintained in a ready state that accurately reflects business requirements, procedures, organizational structure, and policies. During the continual improvement phase, the processes and procedures undergo frequent changes because of shifting business needs, technology upgrades, or new internal or external policies. Therefore, it is essential that the management system be reviewed and updated regularly as part of the organization’s change management process to ensure that new information is documented.