Changes of ISO 9001: 2015 compared to ISO 9001: 2008
The new version of ISO 9001 was officially released and applied from September 15, 2015 (replace the ISO 9001: 2008 version) with breakthrough changes, helping businesses go into intrinsic management. The global competitive landscape is growing. The new version of ISO 9001: 2015 is organized by ISO and is expected to maintain up to 25 years.
ISO 9001: 2015 is based on requirements related to aspects of a quality management system. Regarding structure: ISO 9001: 2015 has 10 clauses corresponding to the PDCA cycle. Terms 4 to 7 - Plan, Clause 8 - Do, Clause 9 - Check, Clause 10 - Act. Specifically:
• Clause 0-3 - Introduction and scope of the standard
• Clause 4 - Organization context
• Clause 5 - Leadership
• Clause 6 - Plan
• Clause 7 - Support
• Clause 8 - Operation
• Clause 9 - Performance evaluation
• Clause 10 - Improvement
Differences between ISO 9001:2008 and ISO 9001:2015
In term of terminology: there are 69 new terms included in ISO 9001: 2015 version with a more specific layout, easier to understand and more flexible scope of use.
In addition, ISO 9001: 2015 has changes in all terms, typically in the content of Clauses 4, 5, and 6.
Clause 4. Context of the organization
This clause requires an enterprise to determine the internal and external "contexts" to assess how they affect enterprise’s business (4.1). To identify this context, enterprise can use strategic planning tools such as:
- SWOT (Strenghs - Weaknesses - Opportunities - Threats): matrix of Strong-Weak - Opportunity - Threat, BCG (Boston Consultant Group);
- MGSC Matrix (Grand Strategy Selection Matrix): overall strategic selection matrix;
- SPACE matrix (Strategic Position and Action Evaluation): strategic position matrix and action evaluation;
- McKINSEY matrix with competitive position and field attractiveness;
- QSPM matrix (Quantitative Strategic Planning Matrix);
- The Business Model Canvas: sketching business model ...
It is important that the output of this process is to choose the strategy (possibly through an assessment to determine which strategy is chosen), to implement, test and fix the strategy throughout the business process.
In order to implement the strategies, an enterprise must plan its goals (6.2), plan QMS and its core business processes.
The new version also requires the expected understanding of interested parties (4.2) such as employees, investors, customers; Suppliers, business partners, competitors ...
The old version required that when establishment is started, implement, maintain, and improve QMS, organization also identify the essential processes. The new version additionally requires to specify "input", "output" requirements and measure through "indicators" and "risks" (if possible) for these processes.
Clause 5. Leadership
The top management shall demonstrate leadership and commitment to the quality management system by take accountability of the ensuring the commitment of the leader ...
The new version is no longer to require a leadership representative (QMR in the old version) with the expectation that management shall directly control the quality management system (QMS).
Clause 6. Planning
This change is very important to replace the "preventive action" in the old version. When organizations plan the prevention, they become more active to react, prevent, or reduce unwanted effects. By dint of that, promote continuous improvement.
Preventive action is “automatic” when organization access issue basing on a risk-based management system. "Risk management" will help organization decrease risks that directly affect the quality of products / services. Moreover, it directly affects not only the inputs (Man, Material, Machine, Method, Measurement, ...) but also the output of process.
Risk control principles can be: Technology change or method change, Technology control (living with floods), administrative control method, Human protection with PPE or result protection, incident response (in case of emergency), ...
Risks have different frequency of occurrence and risk, so the new version requires: Identify and select high-risk risks to control. Control of these risks shall depend on "goals" and / or "procedures" to control them.
According to the guidance of the Forum of International Accreditation Organizations (IAF), organizations certified under ISO 9001: 2008 have three years from the date the new standard is issued to convert to ISO 9001: 2015. This means that the Certificate of ISO 9001: 2015 can only approved from September 15, 2015. Organizations can continue to apply the old standard and all ISO 9001: 2008 Certificates will expire after 14/09/2018
Translator: Department of Administration