There is a transitional period of three years after the publication of each new version of ISO 9001, during which organisations can adapt their quality management to match the latest version. Organisations must therefore implement the new ISO 9001:2015 standard before 23 September 2018 in order to continue complying with ISO 9001.
The first three clauses in ISO 9001:2015 are largely the same as those in ISO 9001:2008, but there are considerable differences between ISO 9001:2008 and ISO 9001:2015 from the fourth clause onwards. The last seven clauses are now arranged according to the PDCA cycle (Plan, Do, Check, Act).
Clauses 4, 5, 6 and 7 of ISO 9001:2015 come under PLAN, clause 8 comes under DO, clause 9 comes under CHECK and clause 10 is covered by ACT.
With this new arrangement, the new ISO 9001:2015 strives to give additional momentum to the continuous and systematic improvement of processes within organisations.
As a result of the new arrangement in ten clauses, ISO 9001:2015 now has the same unambiguous structure as all standardised management systems, known as a ‘High Level Structure’ (HLS).
The core elements of ISO 9001, ISO 14001, ISO 22000, OHSAS 18001, etc. are therefore all the same from now on. This has made the integration of various management systems much simpler. If, for example, an organisation wishes to implement ISO 14001 in addition to ISO 9001, the parts that cover the same topic can easily be seen in the standards.
There is more emphasis in ISO 9001:2015 on measuring and properly assessing the input and output of processes. According to ISO 9001:
2015, you must closely monitor which articles, information and specifications are involved in the production process. You must also clearly check whether good articles come out of the production process.
Risk-based thinking has a very important place in ISO 9001:2015. You are now strongly encouraged as an organisation to use risk analysis in order to decide for yourself which challenges you see in the management of your business processes. Formal risk analysis, familiar to many organisations via FMEA or HACCP techniques, is now standard for everyone. To emphasise their dominance, the concept of ’risk’ occurs forty-eight times in ISO 9001:2015, compared with only three times in ISO 9001:2008. The addition of risk-based thinking has made the ‘preventive measures’ of ISO 9001:2008 redundant. These preventive measures no longer appear in ISO 9001:2015.
SO 9001:2015 requires your business to construct its quality management system from now on from the specific context within which it is active. This means, among other things, that, as an organisation, you have to take into account the needs and expectations of interested parties and that you evaluate and deal with internal and external strategic questions. You have to show that, as an organisation, you understand and respond to the expectations of all the parties concerned.
In ISO 9001:2008, customers were often named as being the only interested party. This concept has been extended in ISO 9001:2015. Suppliers, personnel, shareholders, legislative bodies, society, internal customers, etc. are now included as interested parties, in addition to customers. As an organisation, you have to be aware of the importance of these interested parties’ (changing) requirements and standards and anticipate them in the features of your products and services.
This has always been part of the standard in another form, however. Therefore, it is not expected that organisations will have to implement major changes in this respect. You cannot make or deliver a good product without knowing the requirements and expectations of customers and interested parties in any case, this is the basis of a quality management system.