THE NEW ISO 9001

THE NEW ISO 9001:2015

�ذا ��و�� ن ھذا ا�دار ا��د�د

�زا�د�ن ا��زاوى/ �واء ��دس1

1987

19942000

2008

2015

Revisions

First published in 1987, ISO 9000 has consistently been ISO’s most popular

series of standards. The 1st edition of ISO 9001 was published, along with

ISO 9002, ISO 9003. Like all ISO standards ISO 9001 generally undergoes a

revision every five years.

ISO 9001


ISO 9001 & 9004 series

PreviousAdd latest Versions

ISO9001:2000 is

Quality management

systems – Requirements

ISO9004:2005 is

Guidance for

implementation of– A

quality management

system


Process

�زا�د�ن ا��زاوى/ �واء ��دس 4

Input Process

Output

ISO 9001 & 9004 series

CurrentAdd latest Versions

ISO9001:2008 is

Quality management

systems – Requirements

ISO9004:2009 is

Managing for the

sustained success of an

organization – A quality

management approach


Process Approach


ISO 9001:2015 development process


There are several distinct stages when

developing an ISO standard; the key ones being:

1. Working Drafts (WDs);

2. Committee Draft (CD);

3. Draft International Standard (DIS);

4. Final Draft International Standard (FDIS);

5. International Standard (IS).

The standard is published after approval of the FDIS by

participating national standards bodies and is reviewed at regular

ISO/CD 9001

Jan

Feb

Mar

Apr

May

Jun

Jul

Aug

Sep

Oct

Nov

Dec

2013

CD ballot opens: June 2013

CD ballot closes: August 2013

It is standard practice for the CD to be distributed only to

member body mirror committees. However, some member

bodies may distribute the CD to the public (free or for sale)


ISO/DIS 9001

Jan

Feb

Mar

Apr

May

Jun

Jul

Aug

Sep

Oct

Nov

Dec

2014

DIS ballot opens: April 2014

DIS ballot closes: August 2014

It is standard practice for the DIS to be distributed to members

of the public (free or for sale). Some member bodies provide

electronic tools for viewing and commenting on the DIS.


ISO/FDIS 9001

Jan

Feb

Mar

Apr

May

Jun

Jul

Aug

Sep

Oct

Nov

Dec

2015

FDIS ballot opens: July 2015

FDIS ballot closes: August 2015ISO 9001 published:

September 2015


��ر �Reasons for changesا"! ب ا�

��رات ا�$ ��( ا��# طرأت ! �"وق ا�$ ��# •�ا��وا+ق �* ا��ادارة "3"ل , ادارة ا��$1و� ت , �,ل ا��.�و�و-� ا��د�,(

��ر, ادارة ا��$ر+( , ا�� +"�( , ا�4داد �ادارة , ادارة ا��رات ا�$ ��(�ا��8 طرو�7ر ذ�ك �ن ا��

�* ا4"��رار +# ا��دف ا4>1; وھو �و+�ر ا��9 او ا�8د�( •�وا+ق �* ��ط1! ت ا�$�3ء �* ا��وا+ق �* ا�<وا��ن � #�ا�

وا��?ر�$ ت ا��ط!<(

•)1� .��را� ة ا�B.ر ا��د�ث +# ا�? ء ا�ظ�( ادارة �integrated ة .!�رةC?�� ىC! )>+وا��و"ط( او >��رة , و��


Revision of quality principles

�را-$( �! دىء ا�-ودة

4. Process

Approach

Quality Principles


Risk and preventive action

� Preventive action has been removed from ISO/CD

9001:2015. To be replaced by the wider perspective

of planning, risk management as a core element of

planning, and the having of a management system in

the first place. Indeed, all references are made to risk,

identification of risks and opportunities and planning

actions to address risks and opportunities identified.

Risk based thinking goes throughout the entire

ISO/CD 9001:2015.

� Stays in line with Annex SL that contains no specific

requirements for ‘preventive action’


Major Changes

� Adopts the high-level structure of Annex SL, a general structure

used for the development of all new ISO standards

� There are now 10 main clauses, 1-3 as before, with requirements

now set out in clauses 4-10. As a result, many requirements from

the existing version are now located differently

� Hoped to facilitate the development of integrated management

systems. Having a uniform structure as the basis of certification for

MS will more likely improve the comprehensibility of standards and

make combined certification more efficient.


Changes in Structure

ISO 9001:2008

=

=

=

=

ISO 9001:2015

0. Introduction 0. Introduction

1. Scope 1. Scope

2. Normative references 2. Normative references

3. Terms and definitions 3. Terms and definitions

4. Quality Management

System Requirements

4. Context of the Organisation

4.1. General requirements 4.1. Understanding the organization and its

context

4.2. Documentation

requirements

Now Section 7.5.

4.2. Understaning the needs and expectations of

interested parties

4.3. Determining the scope of the quality

management system

4.4. Quality Management System

5. Management responsibility 5. Leadership

5.1. Management commitment 5.1. Leadership and commitment

5.2. Customer focus 5.2. Quality policy

5.3. Quality policy 5.3. Organizational roles,

Responsibilities and authorities

The new clauses require theorganisation to determine the issues,requirements and expectations ofstakeholders that may impact theQMS- a key input to its development



5.1. Management commitment 5.1. Leadership and commitment

5.2. Customer focus 5.2. Quality policy

5.3. Quality policy 5.3. Organizational roles,

Responsibilities and authorities

5.4. Planning 6. Planning

6.1. Actions to address risks and

opportunities

6.2. Quality objectives and trying to

achieve them

6.3. Planning of changes

5.5. Responsibility, authority

and communication

Section 5.3. for responsibilities; section 7.4. for

communication

Now Section 9.3.5.6. Management review

6. Resource management 7. Support

6.1. Provision of resources 7.1. Resources

6.2. Human resources 7.2. Competence

7.3. Awareness

7.4. Communication

7.5. Documented information

6.3. Infrastructure

Now Section 7.1.6.4. Working environment�زا�د�ن ا��زاوى/ �واء ��دس16

7. Product realization 8. Operation

7.1. Planning of product

realization

8.1. Operational planning and control

7.2. Customer-related

processes

8.2. Determination of market needs and

interactions with customers

7.3. Design and development 8.3. Operational planning process

7.4. Purchasing 8.4. Control of external provision of goods and

services

7.5. Production and service

provision

8.5. Development of goods and services

7.6. Control of monitoring

and measuring

equipment

8.6. Production of goods and services

8.7. Release of goods and services

8.8. Nonconforming goods and services

8. Measurement, analysis

and improvement

9. Performance evaluation

8.1. General 9.1. Monitoring, measurement,

Analysis and evaluation

8.2. Monitoring and

measurement



8.2.1. Customer satisfaction

8.2.2. Internal audit 9.2. Internal audit

8.2.3. Monitoring and measurement

of processes

Now Section 9.1.

8.2.4. Monitoring and measurement

of product

Now Section 9.1

9.3. Management review

8.3. Control of non-conforming

product Now Section 8.8.

Now Section 9.1.8.4. Analysis of data

8.5. Improvement 10. Improvement

8.5.1. Continual improvement 10.1

.

Non-conformity and corrective

action

8.5.2. Corrective action 10.2

.

Improvement

8.5.3. Preventive action Rem

ovedNote: Red: after Annex S. Black: after Committee Draft of ISO 9001- Document: ISO/TC 176/SC 2/N 1147.

Changes in structure


‘Products’ replaced by ‘goods and services’

� Further to the ISO/IEC Directives using the term"goods and services", ISO/CD 9001:2015 hasreplaced “product” with “goods andservices”.

� This is to make it more generic and applicable toorganisations of any kind, i.e. in the servicefields, and remove the existing bias towardscompanies that deal with physical products


„Control of external provision of

goods and services“� “Purchasing” and “outsourcing” are now replaced

by “external provision of goods and services”.

Clause 8.6 Control of External Provision of Goods and

Services addresses all forms of external provision,

whether it is by purchasing from a supplier, through an

arrangement with an associate company, through the

outsourcing of processes and functions of the

organization, or by any other means. The organization

is required to take a risk-based approach to

determine the type and extent of controls

appropriate to each external provider and all external

provision of goods and services.


Replacing „Design and development“ by „Development“

� “Design and development undergo a substantial change. Thus, it

is implicit in ISO 9001:2008 that there is a design and development

model that goes from requirements, through design input, design

review, design output, etc.

� The new version replaces “design and development” with

“development” only. Thus, the organisation is no longer bound

by the prescribed development model, and it is now up to it to

define what this model is and what its own development processes

are.

� Having defined what development processes are, the organisation

would have to describe the controls, verification, validation, the

transfer from one particular stage to the next.


Documentation requirements change-nill mandatory procedures

� In line with Annex SL Appendix 2 , ISO/CD 9001:2015 contains

general requirements for documentation only, with no reference to

documented quality manual, documented procedures or to quality

records. 'Documented information' now replaces both

procedures and records which seems to be more accepting of

electronic documents and document control approaches.

Consequently the terms “document” and “record” have both been

replaced throughout the requirements text by “documented

information.”

� Document control (ISO 9001:2008 Clause 4.2.3) and record

control (Clause 4.2.4) procedures do not exist anymore. Nill

mandatory procedures are required by the new version.


Management representative not explicitly required

� Senior management is now required to take a more

active involvement in the quality management

system. Stronger emphasis on the overall

accountability of top management for the effectiveness

of the quality management system.

� The figure of management representative no longer

explicitly mentioned. In the absence of specific

requirement for a management representative, the

organisation may choose a structure of assigning

responsibilities as appropriate to ensure relevant

responsibilities and authorities are assigned.


This change will benefit those clients whohave implemented or planned to implementmultiple ISO management systems e.g. ISO9001 and ISO 14001. As the trend for thesetwo standards will be using Annex SL as thebasic structure, it will be easier to integratemultiple management systems.

Adoption of Annex SL


Adoption of Annex SL

This change will be beneficial to auditorswho audit integrated management systemswhich will be based on the same structure.More efficient auditing is expected.


Embedding Process Approach

This change sends a very clear message toclients that “Process Approach” is a must, notan option. All the clients shall ensure that theirQMS is based on process approach i.e.determining inputs and outputs from eachprocess, the sequence and interaction of theprocess, etc. Training on process approachwould become a priority for those clients whodo not have a well-developed process-basedQMS.



In relation to that, section 5.1.1 c) of theISO/CD 9001:2015 requires top managementto make sure that QMS are integrated intobusiness processes. That is to say that QMSshould reside within, or be built into, the veryprocesses that really output product. It isbelieved that this focus would “result in aholistic system with the primary objective ofmeeting customer requirements andenhancing customer satisfaction”.

.�زا�د�ن ا��زاوى/ �واء ��دس27

This change could make it easier to auditclients’ QMS using process approach as theclients have been explicitly required by thestandard to implement their QMS based onprocess approach. Less challenge from theclients could be expected when auditors writingnonconformity on “process approach”.

Auditors’ knowledge and competence onprocess approach auditing shall be ensured.



This change requires the clients to adopt risk-based thinking and risk-driven approach in theirQMS. Risks and opportunities shall bedetermined to assure QMS achieving itsintended results, good and service conformityand customer satisfaction; preventing orreducing undesired effects and achievingimprovement. Actions to address risks andopportunities identified shall be planned andtheir effectiveness of the actions shall beevaluated.

Risk and Preventive Action


Risk and Preventive Action

Auditors will not need to use the term

“Preventive Action” anymore as it no

longer exists in the ISO 9001:2015

Standard. Risk-based thinking and risk-

driven approach shall be required from

the clients by auditors when auditing

clients’ QMS.


Documented Information

The clients do not need to have 6 minimumdocumented procedures (as required by ISO9001:2008 Standard) anymore. The clientsshall be familiar with the term of“documented information” which replaces theterms of “document” and “record”.


Documented Information

Auditors do no longer require the clients

to have six minimum documented

procedures in their QMS. Auditors shall

be familiar with the term of documented

information which replaces “document’

and “record”.


Control of External Provision of Goods and Services

The client shall determine what forms ofexternal provision of goods and services theyare using now – through suppliers, associatecompanies or outsourcing of certain processesand functions to sub-contractors.

Then evaluate the risk level and determinewhat type and extent of control shall beapplied to external providers and externally-

provided processes, goods and services.


Seven Quality Management Principles

The clients should be aware of the change

from eight quality management principles

to seven quality principles.

Per Clause 5.2 “Note” in ISO 9001:2015

Standard, the quality management

principles can be used as the basis for the

quality policy.


Seven Quality Management Principles

Auditors shall be aware of the change

from the eight quality management

principles to seven quality management,

the four quality management principle title

change, what are their meanings and

rationales.


Continual Improvement becomes Improvement

The client should be aware of the term

change from “Continual Improvement” to

just “Improvement”, which can be

reflected in their QMS documentation.


Continual Improvement becomes Improvement

Auditors should be aware of the term

change from “Continual Improvement”

to just “Improvement” in their auditing.


Impacts

Risk based thinking becomes the very basics of the improvement

agenda, the QMS is now more risk sensitive, more outward

oriented, more flexible to innovation and improvement

opportunties. This is the change that organisations need to

understand by all means possible and further reenforce. The

transition, in this sense, is more than a change of

documents, but implies intelligently and proactively

revisiting current approaches to addressing risks and

opportunities.

The agenda is a long term one, a conditio sine qua non in the

process is the extended involvement of top management in the

QMS development and implementation.


Impacts

• Without appropriate leadership and

commitment, any changes undetaken may

bring desired outcomes only accidentally

with limited, if any chances for sustained

improvement!!!


Transition Period

The transition period for users of ISO

9001:2008 to transfer to ISO

9001:2015 is planned for 3 years from

the release date (September 2015).

*Please note that the above

arrangement is subject to agreement

by ISO/CASACO and the IAF.


Thank You

Any Questions?


THE NEW ISO 9001

Documents