Significant change is coming to ISO (international Organization for Standardization) 9001, the popular international standard that is widely used across companies to ensure consistent, high-quality products and services that meet customer and regulatory requirements. Currently, more than 1 million organizations in more than 170 countries have been certified in the previous version of the standard. Now these organizations will need to transition to the new ISO 9001:2015 which provides updated definitions for all new or revised ISO management system standards.
This transition will make it easier for organizations of any size and industry to integrate ISO Standards. As people naturally resist change, training will be critical to effectively understand and implement ISO 9001:2015, especially to understand the meanings of new terms and concepts to facilitate design (or redesign) and implementation of new processes.
Responsibilities for Management
The 2015 revision of ISO 9001 is much more prescriptive than earlier revisions of the standard regarding top management and what now is referred to as Leadership and Commitment in the new clause 5. Organizations will need to know how to integrate the new requirements and structure into their current management systems. Integrating similar requirements, e.g., Management Review, Training, Internal Auditing from various ISO Standards into one common management system for a company will produce more effectiveness and efficiency and save costs.
Context of the Organization
“Context of the Organization” is not a new topic to ISO guidelines, but it is a new requirement in a management system standard. It will require organizations to understand the internal and external issues that are relevant to its purpose and strategic direction and that can impact its ability to achieve the intended outcomes of the management system. These issues can include technology, competition, litigation profile, regulatory environment, geographic location, and more.
Risk-Based Thinking
Another new and related requirement is to identify and address risks and opportunities. Risk is still a fairly immature concept across ISO standards and can easily be misunderstood. This new requirement mandates that organizations consider the organization’s context, interested party needs, and expectations to be addressed to assure that the management system will produce the intended results and achieve improvement, among other items. Training will be needed to help organizations properly understand, then implement and link these planning activities to meet the new requirements.
New Terms and Definitions
In the new ISO 9000:2015, there are several new or revised definitions organizations must know and use. Newly defined terms include:
- Service
- Risk
- Documented information
- Performance
- Context of the organization
- Monitoring
- Improvement
- Knowledge
In previous versions of ISO 9001, “service” was included in the definition of “products.” Because this was not explicit, this was not clear to service organizations. To address this concern, there is now a separate term and definition for “service.” This was one of several deliberate changes in the new revision to appeal more to service sectors. ISO 9001 global growth largely has been due to manufacturing sectors to date; however, it could have great benefit for other industries such as health care. But most health-care organizations have not yet used ISO standards or guidelines despite the fact that health-care delivery in the U.S. now is listed as the third leading cause of death, after heart disease and cancer, attributed to preventable medical errors.
Allied and Affiliated Companies Now Considered “Suppliers”
One of the biggest challenges facing quality leaders in companies has been getting good quality and delivery from “sister” companies. They often are considered to be exempt from the Standard’s requirements for purchased product control being part of the broader company. In many organizations, these “sister” companies provide the worst quality and delivery. The new Standard requires control of “externally provided products or service.” For example, if you are working in an organization that provides product to another plant, you soon may be affected as a result of new or revised processes for product qualification, manufacture, and/or delivery to “sister” plants. This will be even more difficult to address if your plant does not provide any product to an outside customer organization.
Change Management Enhanced
Change now is addressed in seven different requirements in ISO 9001:2015. That is a significant increase. There is now emphasis on the planning of changes with assignment of responsibility and control of changes, both planned and unintentional. There is now a requirement to address unplanned changes to ensure products and services continue to meet specified requirements. This is a more extensive and needed treatment of change management from previous versions of ISO 9001. Training likely will be required to build, implement, and manage an effective change management process.
How to Start the ISO 9001:2015 Transition
Organizations planning on making the transition to ISO 9001:2015 can start by considering the following:
- Conduct a gap analysis. Don’t assume you understand the new requirements and how they can be applied without a thorough read of the new standard. Examine the new and revised terminology carefully.
- Develop an implementation plan that includes any actions needed to complete the transition by a planned date.
- Build on what you have. Many organizations will find that while there are new requirements, these may be activities that are already part of their decision-making process, even if there is no formal structure around the application.
This is the first ISO standards transition required by organizations since 2008. The key to a successful transition will be to understand the requirements and develop a careful, thorough plan that ultimately will ensure consistent, high-quality products and services that meet customer and regulatory requirements.
For more information, visit http://asq.org/learn-about-quality/iso-9000/iso-9001-2015.
R. Dan Reid is the director of Consulting at Omnex Engineering and Management in Ann Arbor, MI. He is an author of ISO Technical Specification 16949, QS-9000/QSA, ISO 9001:2008 and the first International Organization for Standardization International Workshop Agreement (IWA), the Chrysler, Ford, GM Advanced Product Quality Planning with Control Plan, Production Part Approval Process and Potential Failure Modes and Effects Analysis manuals and the AIAG Business Operating Systems for Health-Care Organizations. Reid was the first delegation leader of the International Automotive Task Force. He is an ASQ Fellow and an ASQ-Certified Quality Engineer.
