Call Today! (800) 244-5409


ISO 9001:2015 Risk Analysis

Key Questions –

  1. Why implement Risk Based Thinking?
  2. What does ISO 9001:2015 require?
  3. What is Risk Based Thinking?
  4. What is Risk?
  5. What is a simple Risk Tool?
  6. How does it integrate into the Process Approach?
  7. How do you make Risk Based Thinking a Continual Process Improvement activity?

ISO 9001:2015 Risk & Opportunities –

“4.4 Quality management system and its processes

The organization shall establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions, in accordance with the requirements of this International Standard.

“The organization shall determine the processes needed for the quality management system and their application throughout the organization and shall determine…

f) The risks and opportunities in accordance with the requirements of 6.1, and plan and implement the appropriate actions to address them;”

6 planning for the Quality Management system

6.1 Actions to Address Risks and Opportunities

6.1.1 When Planning for the Quality Management System,

The organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2 and determine the risks and opportunities that need to be addressed to:

  1. Give assurance that the quality management system can achieve its intended result(s);
  2. Prevent, or reduce, undesired effects;
  3. Achieve continual improvement.


6.1.2 The Organization Shall Plan:

  1. a) Actions to address these risks and opportunities;
  2. b) How to integrate and implement the actions into its quality management system processes (see 4.4) and evaluate the effectiveness of these actions.


Actions taken to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and services.”


The Main Objectives of International Standards are to provide confidence in the organization’s ability to consistently provide customers with conforming goods and services and enhance customer satisfaction


The concept of “risk” in the context of the ISO 9001:2015 international standard relates to the uncertainty in achieving these objectives.


What is “Risk Based Thinking”?

Risk-based thinking is something we all do automatically and often sub-consciously


The concept of risk has always been implicit in ISO 9001, but the ISO 9001:2015 makes it explicit and requires formal inclusion across the entire management system


Risk-based thinking is already part of the process approach Risk-based thinking enhances Preventive Action. Risk is often thought of only in the negative sense.


Risk-based thinking can also help to identify opportunities. This can be considered to be the positive side of risk

Why Should I adopt “Risk-Based Thinking”?

  1. To improve customer confidence and satisfaction
  2. To assure consistency of quality of goods and services
  3. To establish a proactive culture of prevention and improvement
  4. Successful companies intuitively take a risk- based approach


What Should I Do?

Identify what the risks and opportunities are in your organization

  1. Analyze and prioritize risks and opportunities in your organization and quantify them
    1. What is acceptable?
    2. What is unacceptable?
  2. Plan actions to address the risks by prioritizing them based on RPN numbers
    1. How can I avoid or eliminate the risk? Can it be designed out?
    2. How can I mitigate the risk? Increase detection? Reduce Occurrence?
  3. Implement the plan – take action based on priorities
  4. Check the effectiveness of the actions – and re-score your RPN’s.
  5. Learn from experience – continual improvement

Key Points to Remember


  1. Risk Based Thinking is Preventative Action
  2. Risk Based Thinking is everyone’s job
  3. Risk Based Thinking is not just the sole responsibility of management
  4. Risk Based Thinking is an integral part of the organizational DNA


What is Risk?

Risk is the possibility of events or activities impacting the organization’s strategic and operational objectives.


Risk Definitions

Risk can be defined by three (3) parameters


  1. Severity – The Seriousness of the harm
  2. Probability (or Occurrence) – The Probability that the harm will occur
  3. Detection – How well can the item be detected


Severity x Occurrence x Detection or “SOD” = Risk Priority Number or RPN


The Importance of a Risk (or FMEA) Worksheet


The risk worksheet, (example – FMEA), is essential, as it records identified risks, their severity, and the actions steps to be taken.


It can be a simple document, spreadsheet, or a database system, but the most effective format is a table.

A table presents a great deal of information in just a few pages.


There is no standard list of components that should be included in the risk worksheet. Some important ones include –


  1. Description of the Risk: A phrase that describes the risk.
  2. Risk Type (business, project, failure, yield, stage, etc.)
  3. Classification of the risk:
    1. Business risks relate to delivery of achieved benefit
    2. Project risks relate to the management of the project such as timeframes and resources
    3. Stage risks are risks associated with a specific stage of the plan.
  4. Likelihood of Occurrence: An assessment on how likely or often the risk will occur. Examples are:
    1. L-Low >30%)
    2. M-Medium (31-70%)
    3. H-High (>70%).
  5. Severity of Effect: Provides an assessment of the impact that the occurrence of this risk would have on the project.
  6. Detection – how well a risk can be detected via countermeasures
  7. Components of a Risk Worksheet (example – FMEA)
  8. Countermeasures: Actions to be taken to prevent, reduce, or transfer the risk. This may include production of contingency plans.
  9. Owner: The individual responsible for ensuring that risks are appropriately engaged with countermeasures undertaken.
  10. Status: Indicates whether this is a current risk or if risk can no longer arise and impact the project.


Other columns such as quantitative values can also be added if appropriate.




Integrating Risk Based Thinking with the Process Approach


Purpose of the Process  Approach

The purpose of the process approach is to enhance an organization’s effectiveness and efficiency in achieving its defined objectives. This means enhancing customer satisfaction by meeting customer requirements. Effective Risk Management means integrating it into your Process & Interactions Map, and resulting KPI’s.

Integrating Risk Management into Management Review Input

“Top management shall review the organization’s quality management system, at planned intervals, to ensure its continuing suitability, adequacy, and effectiveness. The management review shall be planned and carried out taking into consideration – d) The effectiveness of actions taken to address risks and opportunities (see clause 6.1)”


If the organization has a formalized Management Review procedure it is very important to update it to include the elements of Risk Management into the procedure.


In summary, Risk Management with respect to ISO 9001:2015 compliance is not optional. It is an integral part of the overall QMS.


Quality Resource Center offers an array of training and services in this area. Contact QRC today.

ISO 9001:2015 FAQ

Q – ISO 9001:2015 has been published. What now?

A – Obtain a copy of the Standard. They are available at

Review the standard in detail and also become familiar with Annex SL. Annex SL establishes a consistent structure featuring 10 clauses and common terminology and definitions applicable to all ISO Management System Standards.

Check out the numerous publications, briefs, FAQ’s, and White Papers offered by Quality Resource Center.

Review the manner in which your organization currently manages the new and significantly changed areas of the standard and how this relates to your quality or integrated management system. Consider a full GAP Analysis performed by Quality Resource Center professional.

Start by putting together an outline as well as a Gantt chart, taking into account milestones and timings for when and how you will upgrade your current management system. Make sure to start including Risk Management in every aspect of planning.

Establish a transition team, identify requirements and a plan for necessary training for key team members, managers, and other leadership. It is imperative that executive Management update their knowledge ISO 9001:2015, as their responsibilities have been significantly expanded.

Q – Who needs to be aware of the revisions to ISO 9001:2015?

A – Determine the key stakeholders who need to be aware of and understand the ISO 9001:2015 revisions:

  1. While there is no longer a requirement for a designated management representative, significant responsibilities still remain; they can delegated by Top Management to the System Manager.
  2. Top Management must understand and engage the leadership aspects of the revised standard.
  3. Key Process Owners must understand their obligations in managing their defined processes and associated Key Process Indicators.
  4. Internal Auditors and Audit Program Managers need to understand their specific requirements.

Q – What changes and revisions have been made to ISO 9001:2015?

A – Annex SL, Annex SL, Annex SL! It is the single biggest change to the ISO 9001:2015 document.

Other new areas include:

  1. Organizational context
  2. Control of externally provided products and services
  3. Formal introduction of a risk based approach (several clauses), among others.

Revisions to the standard include:

  1. Increased emphasis on top management engagement with ISO 9001
  2. Managing change
  3. Performance and evaluation
  4. Management review
  5. Risk Management

Q – How do the changes impact integrated management systems?

A – Annex SL has the goal of aligning ISO 9001:2015, ISO 14001:2015, and ISO 45001 (replaces OHSAS 18001). Since each of the standards share the structure and terminology of Annex SL, integration of these three important standards is much straightforward.

Q – Who are the key internal interested parties for large and medium size organizations in relation to the ISO 9001:2015 revision?

A – The most important internal interested party is top management. ISO 9001:2015 requires much greater understanding of the external environment, including addressing risk as well as greater top management ‘quality leadership’, and establishing tighter links between the management system and product/service quality.

There is increased emphasis on their direct involvement or oversight for the design, implementation, structure and performance of the organization’s management system and to ensure the QMS is an integral part of the organization’s business processes.

Q – How are smaller organizations impacted?

A – All the new and changed requirements will likely apply. The approach and degree of formality should be appropriate to the organization’s operating environment. Bear in mind that an organization should not be doing more than it needs to do to meet its customer and product/ service regulatory requirements but should be achieving this through a management systems approach based on ISO 9001:2015.

Q – When does the transition need to be achieved?

The transition guidance from ISO shows that organizations have three years from publication of ISO 9001:2015 to transition to the new standard. The cutoff point is September 2018. While some may choose their next certification cycle, many will want to be among the first to benefit from the increased functionality that ISO 9001:2015.

Q – What is the bottom line?

Focus on the areas of ISO 9001:2015 that are completely new or have been revised. Those are the areas that need to be included in your transition plan. Make sure that quality managers and internal auditors understand the differences that Annex SL (common text and structure) will bring to the design, operation and performance of your QMS.

Engage a professional –

Talk to Quality Resource Center – We not only understand the revisions, but more importantly, we know what the revisions mean to your QMS and wider organization – and how to apply it to best effect.

Engage with QRC to find out how a gap analysis and training on specific areas of ISO 9001:2015 can benefit you personally, as well as your organization.

Quality Resource Center offers a range of services to help you transition to the revised standards. Find out more at


Executive Leadership – Increased senior management responsibility in ISO 9001:2015

The common management system framework introduced by Annex SL, ISO 9001:2015 contains a number of changes including standardized terms and definitions as well as a 10 clause structure.

ISO 9001:2015 contains an expanded focus on Leadership; requirements relating to the role top management plays in creating and supporting an effective QMS have been enhanced, including –

  1. Promoting awareness of the process approach
  2. Driving the integration of QMS requirements into the organizations’ business processes
  3. Ensuring the QMS achieves its intended results
  4. Ensuring that the policies and processed are effectively communicated, understood and applied by the entire organization.
  5. Encouraging relevant management roles to demonstrate their leadership


Increasing the focus on Leadership in ISO 9001:2015 requires top management to demonstrate a clear understanding of the business context, assessing and ameliorating risks and opportunities, and greater accountability tied closer to links between the management system and actual product/service quality.

Going forward, assessors will challenge the top management of an organization to understand its business strategy and objectives in relation to ISO 9001:2015. This involvement must be demonstrable through internal oversights such as internal audits, which remains an integral part of the assessment. There’s an expectation that top management will be active participants in the ISO 9001:2015 Internal Audit process.

Assessors will actively engage with top management and be capable of communicating the ISO technical requirements in a way that relates to business – effectively bridging the gap between the boardroom and the shop floor.

The independent impartial external view is vital for continued effective operations.

For the top management this represents a requirement for their direct involvement with both the Internal and 3rd party external Auditors and the ability to demonstrate their active involvement and commitment to their system.

The management system can longer be simply delegated to the Quality Manager; requiring the integration of the QMS with the business processes automatically demands the involvement of all process owners.


Change is inevitable. Embracing positive change is critical for the survival of any organization. These revisions of ISO 9001:2015, along with the focus on top management engagement, will ensure that organizations will benefit from having an effective and performance-based management system that deliver a synergy of business benefits and real competitive advantages.

ISO 9001 2015 Analysis


  1. ISO 9001 scheduled to be published in September, 2015
  2. All clients need to be transitioned by September, 2018


  1. Published version to very closely mimic the FDIS
  2. Continue to expand language to include and emphasize service organizations
  3. Emphasize Risk Based thinking
  4. Reliance on Annex SL (Part of “ISO / IEC Directives Part 1 – Consolidated ISO Supplement – Procedures Specific to ISO”)


A. “Procedures”, “Records”, and “Documents” replaced by “Documented Information.”

  1. Allows alternative approaches to these items.
  2. References to “Product” changed to “Products and Services. (Historically Clause 3 of ISO 9001:2008 reads “Wherever the term “Product” appears it can also mean Service).”
  3. Expands the notion of ISO 9001 as applicable to multiple types of businesses, i.e. those with and/or without a tangible or physical product.

B. “Management Responsibility” has become “Leadership”

  1. Advances the concept that Management lead by example and involvement.

C. “Continual Improvement” has morphed into a larger section called “Improvement”

  1. Continual Improvement is no longer the only aspect of improvement; improvement can also be realized through breakthroughs, reactive changes, and reorganizations.)

D. Suppliers, vendors and subcontractors are now defined as “External Providers”

  1. Better accommodates service organizations.
  2. FDIS 9001 Annex A, clause A.8 indicates that “External Providers” includes Outside suppliers, Associate companies, and Outsourcing.

E. Elimination of Required Content

  1. ISO 9001:2015 does not specifically require any of the following:
    a) Quality Manual
    b) Procedures Manual
    c) Work Instructions

Theoretically, an organization can achieve certification without these documents. Auditors will still be required to verify consistency with applicable requirements. Thus, the organization must be prepared to show effectiveness of processes in whatever activity is being reviewed. If this can be demonstrated without a procedure/quality manual, then it is acceptable.

F. Elimination of the Management Representative

  1. “Management Representative” does not appear within the ISO 9001:2015 standard.
  2. The implication is that while this terminology has been eliminated, many of this party’s key functions should now fall to top management itself.
  3. Organizations are encouraged to appoint a “key” person (arrangements for audits, key contact for corrective actions, etc.).

Elimination of Permissible Exclusions

  1. ISO 9001:2015 has removed all verbiage related to “Permissible Exclusions.”
  2. Organizations can now claim any item from ISO 9001:2015 under a “Non-Applicable” designation.
  3. No difference from ISO 9001:2008, other than the scope of what can be claimed for exemption now encompasses the entire standard

Interested Parties

  1. ISO 9001:2015 includes a new term, “Interested Parties”, intended to be applied to all Annex SL based standard.
  2. Definition –
    “Person or organization that can affect, be affect by, or perceive themselves to be affected by a decision or activity.” Examples given include customers, staff, the organization, suppliers, bankers, unions, partners, and even competitors.
  3. Clause 4.2 requires that organization determine who their interested parties are, but emphasizes those “relevant to the quality management system.”

IV. Annex SL

A. Annex SL was first published in 2012, the output of a special committee of the ISO – The Joint Technical Coordination Group (JTCG.)

B. The Annex is a 10 section “blueprint” for authoring all of the ISO family of standards.

C. Annex SL promotes (among other things) utilization of common terms and core definitions.

D. Eventual plan calls for full transition of all ISO standards to Annex SL structure by 2016 or 2017

    Annex SL

    1 Scope

    2 Normative references

    3 Terms and definitions

    4 Context of the organization

    1. understanding the organization and its context
    2. understanding the needs and expectations of interested parties
    3. determining the scope of the quality management system
    4. quality management system and its processes

    5 Leadership and Commitment

    1. general
    2. customer focus
    3. policy
    4. organizational roles, responsibility and authority

    6 Planning

    1. actions to address risks and opportunities
    2. quality objectives and planning to achieve them
    3. planning of changes

    7 Support

    1. resources
    2. competence
    3. awareness
    4. communication
    5. documented information

    8 Operation

    1. operational planning and control
    2. requirements for products and services
    3. design and development of products and services
    4. control of externally provided processes, products, and services
    5. production and service provision
    6. release of products and services
    7. control of nonconforming outputs

    9 Performance evaluation

    1. monitoring, measurement, analysis and evaluation
    2. internal audit
    3. management review

    10 Improvement

    1. general
    2. non-conformity and corrective action
    3. continual improvement


A. The term “risk” is used 16 times in the auditable language of the FDIS 9001;

B. A formal/documented Risk Management Process is NOT specifically required

C. Expands the notion of Risk aversion to one that affects all of the various areas of the Quality Management System.

D. Clause 6.1.1 of the FDIS 9001 standard states:

When planning for the quality management system, the organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2 and determine the risks and opportunities that need to be addressed to:

    a) give assurance that the quality management system can achieve its intended result(s)
    b) enhance desirable effects
    c) prevent, or reduce, undesired effects
    d) achieve improvement

E. Clause 6.1.2 of the FDIS 9001 standard states:

The Organization shall plan:

    a) actions to address these risks and opportunities
    b) how to

      integrate & implement the actions into its quality management system processes (see 4.4)
      evaluate the effectiveness of these actions

Actions taken to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and services.

NOTE 1 – Options to address risks can include avoiding risk, taking risk in order to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or retaining risk by informed decision.

NOTE 2 – Opportunities can lead to the adoption of new practices, launching new products, opening new markets, addressing new clients, building partnerships, using new technology and other desirable and viable possibilities to address the organization’s or its customers’ needs.

F. What ISO 9001:2008 requirements most directly correlate to Risk Management?

There are a number of activities that are required under ISO 9001:2008 standard that will help demonstrate compliance to Risk Management. These include:

  1. 6 Management Review (an assessment of your overall quality system leading to targeted improvement efforts),
  2. 2.2 Training (an assessment of competency needs with steps taken to ensure that personnel are fully qualified and competent.)
  3. 2.2 Review of Requirements related to the Product (an assessment of customer expectations against your current capabilities with steps taken to resolve discrepancies),
  4. 5.3 Preventive Action (an assessment of potential problems with actions taken to avoid those issues in the first place)



0.1 – General

Provides an overview statement, intentions on whom the standard benefits, introduces the ideas of Risk Based Thinking, PDCA, and explains four key terms (of which three are formally defined for the first time):

    a) Shall – mandatory requirement (numerous instances);
    b) Should – recommendation (no uses within the auditable content);
    c) May – permission (this term appears once in the auditable content); and
    d) Can – possibility or capability – numerous instances.

0.2 – Seven Quality Management Principles – reference to the ISO 9000 standard is given:

    a) Customer Focus;
    b) Leadership;
    c) Engagement of People;
    d) Process Approach;
    e) Improvement;
    f) Evidence-Based Decision Making; and
    g) Relationship Management.

0.3 – Process Approach

    a) Reinforce the process approach an improved graphic therein.
    b) Reinforces of Plan-Do-Check-Act (PDCA)

0.3.3 – Risk Based Thinking – definition and explanation of importance

0.4 – Relationship with other management system standards (ISO 9000 and ISO 9004)

Sections 1-3Not specifically auditable (as before)

Section 4Context of the Organization

Similar to ISO 9001:2008 Clause 4.0 – Quality Management System

Key new questions:

    A. What purpose does the organization serve?
    B. Who does it exist for?
    C. Who are the interested parties?
    D. Does any part(s) of the ISO 9001:2015 standard qualify for a “non-applicable” designation?

Section 5 – Leadership

Key new questions:

    A. Is a Leadership structure evident?
    B. Is Leadership accountable for the effectiveness (or lack thereof) of the QMS?
    C. Has Leadership ensured that the Quality Policy/Objectives are consistent with the strategic direction of the company?
    E.Is the QMS integrated into the business processes?

Section 6 – Planning for the quality management system

Key new questions:

    A. Have all risks (and opportunities) been considered?
    B. Have actions been taken or planned for said risks?
    C. With regards to Quality Objectives –
    D. Who will be responsible?
    E. What is the target date?
    F. What is to be accomplished?

Section 7 – Support

    A.Similar to ISO 9001:2008 Section 6.0 – Resource Management
    B. One very slightly new area of content is provided in clause 7.1.6 that asks the following

key new question:

    a.“Has the organization considered changing needs and trends versus its current competency base and determined what is needed for the future?”

Section 8 – Operation

    A. Very similar to ISO 9001:2008 Section 7.0 – Product Realization, and parts of Section 8.0

Section 9 – Monitoring, Measurement, Analysis, and Evaluation

    A. Similar to ISO 9001:2008 Section 8.0 – Measurement, Analysis, and Improvement, includes content from Section 5.0 – this is now where Management Review (5.6) is found

Section 10 – Improvement

    A. Similar to ISO 9001:2008 Sections 8.5.1-8.5.2– Continual Improvement and Corrective Action.


    A. Most of the major sector specific standards, including TS 16949 (automotive), AS9100 (aerospace), and TL9000 (telecommunications) have indicated intentions to transition and continue alignment with ISO 9001. (ISO 14001 will also follow suit, and is being rolled out at the time of this report).
    B. Precise timelines for these other standard updates are to be announced, but a 2016 publication date seems likely for all three.
    C. At present the only major standard not planning to continue alignment to ISO 9001 is ISO 13485 (medical devices,) currently in the midst of its own update with a targeted publication of early 2016


    A. Companies at various stages of implementing new quality management systems in accordance with ISO 9001:2008 may question if there is still value in registering to ISO 9001:2008.

    1. Important to note that ISO 9001:2008 still has at least 3 years of usability left in it.
    2. Equally important to note that the very first audits later this year to ISO 9001:2015 may be somewhat challenging for both auditee and auditor.

    B. Companies currently holding ISO 9001:2008 registrations seeking to transition – International Accreditation Forum (IAF) has published an Informative Document (ID 9) which recommends the following steps be taken in a transition to ISO 9001:2015.

    1. Top down Gap Analysis of the ISO 9001:2015 standard to identify the gaps that need to be addressed.
    2. Development of an implementation plan with assigned responsibilities, and milestones.
    3. Review and update of all quality management system documents (including the quality and procedures manual new or revised processes.
    4. Awareness and transition training.
    5. Full system internal audit followed by a Management Review.
    6. Full round of Corrective and Preventive Actions.
    7. Management Review and closure of any open findings should be in process or complete.
    8. Coordination with Registrar for planning transition logistics.

ISO 9001:2015 Transition News

For many industries and organizations around the world, ISO 9001 has evolved to become the foundational quality standard on which their complete quality management system is built.

However, as the integration of technology has changed many aspects of systems and operations in recent years, a degree of inflexibility and rigidness in the current ISO 9001:2008 standard was exposed. This latest revision-due to be published in September, 2015-will allow organizations to be more flexible in how they apply the standards and practices of IS0 9001 in the context of their unique processes, technologies and business needs.

The following questions and answers have been chosen for inclusion in this FAQ and organized by topic to facilitate organizations’ understanding of the changes afoot and how they will impact their business.


Where can I learn about the new structure of ISO 9001:2015?

Quality Resource Center has produced an abundance of materials that include overviews and analysis of the new high-level structure of ISO 9001, Annex SL. Quality Resource Center offers a full suite of value added training, including on-site, web based, as well are our state of the art training facility in northern California. The materials are available on the website.

You may also contact Quality Resource Center with any questions at certification through our web portal or by simply calling 1 800 244 5409.


When will the final version of ISO 9001:2015 be published, and where can I get a copy?

Timeline for publication and implementation of ISO 9001:2015

  1. July- October 2014: Comments on DIS were submitted
  2. July 2015 Final Draft International Standard FDIS issued
  3. September 2015 (estimate): ISO 9001:2015 issued
  4. September 2015- September 2018: Transition period. All current registrations to ISO 9001:2008 must be transitioned to the 2015 revision by this time, or they will lapse.


Will there be an implementation guide published for ISO 9001:2015?

Yes. Quality Resource Center will continue to offer additional important guides and updates. We also provide ISO 9001:2015 consulting, training, and auditing for businesses in need.


When should I start transitioning to ISO 9001:2015, and what should I do to prepare?

It would be prudent to begin planning discussions now based on the DIS, but hold off on taking any major action until the standard is published and the transition officially begins in September, 2015. One thing you can do is start taking inventory of your current processes and comparing them to the new high level structure proposed in the Dl S.


How much longer will ISO 9001:2008 compliance be recognized?

Conformance to the current standard will be recognized through the end of the three-year transition period, which is due to end September, 2018. Organizations can request to be audited to the FDIS when it is issued. The issuance of certificates is an Assurance Group decision. All organizations must transit ion to the new standard by the end of the transition period.


Are Organizations Permitted to Upgrade During Their Scheduled Re-certifications in 2016?

Yes, as long as your systems conform to the standards set forth in ISO 9001:2015.

Our Organization is Currently Implementing or Considering Certification to ISO 9001:2008. What is the Best Course of Action?

Continue as planned; there are three full years to achieve certification to ISO 9001:2015 after its publication in September, 2015. That said, Quality Resource Center can help to familiarize Organizations with the new high-level structure, so systems designed or upgraded with an eye toward the future.


Will the Transition Require Additional Resources Either in Budgets or Time?

Quite likely, but it will depend upon the current status of an Organization’s management system. Areas that will be impacted include personnel time developing or modifying current systems and processes to meet the new requirements.

For more information regarding how the ISO 9001:2015 might impact your organization, Quality Resource Center offer detailed ISO 9001:2015 GAP Analysis services that can assist in identifying where the audit against the revised standard will differ from your existing programme.


When May I begin transitioning? Do I Need to Wait Until My Surveillance Audit?

The transition process may commence as soon as the official three-year transition begins. While it is permissible to outside of your scheduled surveillance but it is more efficient to do an upgrade audit to ISO 9001:2015 during regularly scheduled surveillance audits.


How can Progress Best Be Measured During the Transition Process?

Quality Resource Center works closely with Organizations to develop approaches enable progress to be tracked towards the new standard and ensure proper training, support, and execution every step of the way. If you are implementing the standard for the first time, Quality Resource Center offers full turn-key solutions that offer maximum value with minimum risk.


When will auditor training be available for ISO 9001:2015?

Internal auditor training and certification will be available following publication of the FDIS in 2015; the rules and requirements have not yet been finalized. If your organization has a robust Internal Audit process, the auditing techniques should not change. However, the criteria you audit against and the scope of your audits will definitely be affected.

Quality Resource Center will provide customers with additional information as it becomes available. We also have a series of interactive webinars already scheduled, and public training courses on the transition all over North America. We also have a series of interactive webinars already scheduled, and public training courses on the transition a II over North America.


ISO 14001 Is Being Revised Along With ISO 9001. Will the Impact Organizations Utilizing Both Standards?

ISO 9001:2015 and ISO 14001:2015 will be more closely aligned than ever, as both standards will utilize the same high-level structure defined in Annex SL. Upwards of 30% of the language in the two management system standards will be identical. ISO 14001:2015 should be issued in September 2015 along with ISO 9001:2015 if everything goes according to plan.


What Impact Will the Revisions Have On ISO/TS 16949:2009 Automotive Standard?

The automotive industry is not enamored with the revisions to ISO 9001. Currently they are opting out of participating in the revision process in favor of creating their own standard. While the automotive group could certainly change their position between now and when the standard is finally issued in September 2015, no definitive position has been determined.


We Are Certified to AS 9100C. Are there any plans to revise this standard to accommodate new ISO 9001:2015 requirements?

AS 9100 will adopt the requirements of ISO 9001:2015 when the new standard is revised in 2016.


Is the ISO 13485 Medical Device Standard Changing As A Result Of The Updates To ISO 9001?

The draft ISO 13485:2015 is based on the clause structure in ISO 9001:2008, not the new requirements and clause structure of ISO 9001:2015 using Annex SL.

Tables correlating ISO 9001 and the previous version of ISO 13485 have been included in the document.

Similar to ISO 9001:2015, there will be a transition period for organizations upgrading from the 2003 revision to the ISO 13485:2015 standard. The date of the ISO 13485 transition has not been announced as yet.

The supplementary Annex Z in support of the European Medical Devices Directives has been included in anticipation of the next revision of ISO 13485 being harmonized under the three Medical Device Directives.

This means ISO 13485 and EN ISO 13485 will be published in a similar timeframe. Organizations can then use the Harmonized Standard with in Europe which provides for the “Presumption of Conformity” under the applicable clauses of the Directives. This revision has also been drafted recognizing that it will have to support the existing European Medical Devices Directives and the proposed European Medical Device Regulations when they are published in the future. Some of the content has therefore been specifically drafted to accommodate this requirement.


Where does Plan-Do-Check-Act (PDCA) Fit In With The New Standard?

Of course. The new standard is still built around the PDCA cycle. It’s featured prominently on page 8 of the Draft International Standard.


Will FMEA’s and Control Plans be required under ISO 9001:2015?

Although very valuable tools, FMEA’s and Control Plans are not required by ISO 9001:2015. Your organization could apply these tools as their approach to meet the requirements. Properly developed Control Plans would satisfy many of the requirements for section 8. FMEA’s are a useful tool to identify prioritize, and mitigate areas of risk required in section 6.


What Is The Practical Impact Of Eliminating The Management Representative?

The management system still needs a champion and a spokesperson, but it does not automatically mean that this is the quality manager-or any one person. Optimally, these duties would be shared by a member(s) of the leadership team. Once the management system has been implemented, this person’s role should transform into being a facilitator of continual improvement.   It should be noted that while the requirement for a designated Management Representative has been removed from the DIS, the responsibilities that were attributed to this position are still retained in the standard.


What Suggestions Are There For Organizations Wishing To Begin Preparing For ISO 9001:2015?

  1. Have a GAP Analysis performed and review the results. Identify Actions to fill the GAP’s.
  2. Train managers that will be affected by the proposed changes. Help them gain a comprehensive understanding of the issues at hand and help them begin to strategize an action plan for implementation
  3. If you have certification to more than one standard, look at where management system integration might be possible and beneficial. Make this part of the GAP Analysis.
  4. Talk to one of our representatives and ask how we can support your organization


I have an integrated management system based on ISO 14001 and OHSAS 18001-how will the revisions to ISO 9001 and these standards affect me?

The changes make system integration much easier as there will be greater alignment among these standards. But with differing projected publication dates and trans-national, you should plan your transitions carefully to retain certification on each.

It may be beneficial to acquire a copy of PAS 99, It offers valuable guidance on the design and structure of an integrated management system.


Is There A Requirement For a Quality Manual in ISO 9001:2015?

ISO 9001:2015 does not require a quality manual. The question each organization should consider is whether or not having one is beneficial to the organization. If it is used as intended in 9001:2008-an introduction to the management system that acts as a guide or roadmap to the overall system-then by all means have one. Quality Resource Center strongly recommends the Organizations maintain a Quality Manual.


What Are The Guidelines Like For Internal Audits Under ISO 9001:2015?

Refer to section 9.2.2 Internal Audit –


“The organization shall:

  1. a) plan, establish, implement and maintain an audit programme(s) including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration the quality objectives, the importance of the processes concerned, customer feedback, changes impacting on the organization, and the results of previous audits;
  2. b) define the audit criteria and scope for each audit
  3. c) select auditors and conduct audits to ensure objectivity and the impartiality of the audit process”


These requirements have been clarified from those in 9001:2008. Audits are still required to be conducted at planned (scheduled) intervals. Organizations need to establish goals, priorities, and objectives and align them to drive their decisions with respect to the audit function. Many of factors go into the development of an audit program, risk is being only one of them. Other things to consider: complexity and current state of the process or areas involved, and potential impact on customers and the Organization.


What Are The Key to Requirements for Design and Development of Products and Services? Will there be Requirements for Process Design?

Much of what is now required under ISO 9001:2015was implied and would have been considered good practices under ISO 9001:2008. Section 8.3 “Design and Development of Products and Services” enhances the requirements found in section 7.3 of ISO 9001:2008, which dealt with product design.   Some of the requirements have been reorganized (i.e. verification and validation have been consolidated in one section 8.3.4 “Design and Development Controls”). Technically, manufacturing process design is not included. However, a note at the end of section 8.3.1 encourages organizations to apply these same principles to process design and development.


Can you summarize the new approach to Preventative Action in ISO 9001:2015?

Organizations must understand their organization’s business context (Clause 4.1) and determine the risks and opportunities that need to be addressed (Clause 6.1). One of the key purposes of a quality management system is to act as a preventive tool. Consequently, the new standard does not have a separate clause or sub-clause titled “Preventive Action.” Instead, the concept of preventive action is expressed through a risk-based approach to formulating quality management system requirements. This resulted in a reduction of prescriptive requirements, which have been replaced by performance-based requirements. Although risks and opportunities have to be determined and addressed, there is no requirement for formal risk management or a documented risk management process. The implication is the entire management system, properly implemented, should function as a preventive tool.

Does Compliance With ISO 31000 Satisfy The Risk Management Requirements in ISO 9001:2015?

Clearly an Organization could apply the requirements of a risk management system as defined in ISO 31000 and more than meet the requirements for risk based thinking in ISO 9001:2015. While the standard does not require a formal risk management approach, organizations must identify and understand their business environment in the broadest of terms and the resulting potential risks they face. Armed with this data the organization can then develop and deploy an effective management system to control, mitigate, and eliminate these risks.


Is there a summary of the changes between ISO 9001:2008 and 9001:2015 available?

Yes. Quality Resource Center provides this summary and has made it discuss it at our training courses, both classroom and interactive webinars


How can Quality Resource Center provide support through the transition process?

Quality Resource Center will have the latest up-to-date information on the ISO 9001 revision all the way up to the planned publication in September, 2015. Upon publication, we can advise you on what to do to meet the new requirements.

Ultimately, it is up to you to plan and implement the changes, but Quality Resource Center will provide all the support you need to make the best possible decisions.


What training will be available?

Yes, we have a series of interactive webinars already scheduled, and public training courses on the transition all over North America.


I have questions about my certification I need to answer right now. Who should I call?

Quality Resource Center – 1 (800) 244 5409 or e-mail us at

Transition to ISO 9001:2015

Quality Professionals know that there has been much discussion over the last two years regarding impending changes in the ISO 9001:2015 standard

Understanding the revised standard’s impact on an organization can be a bit overwhelming.

Quality Resource Center is committed to assisting our clients and potential clients in achieving both compliance and maximum value added in transitioning to this new standard, and thus has drafted this FAQ to address some of the essential questions and issues and present guidance on steps needed to prepare for the coming change.

Additionally, Quality Resource Center has published several articles regarding changes to ISO 9001:2015 that are currently available at

Quality Resource Center offers a complimentary toll free call regarding ISO 9001:2015 transitioning –

Call today – 1 800 244 5409

A – Why is the ISO 9001 Standard Changing Again?

There are a number of important objectives imbedded with this revision.

There remains an unfortunate and erroneous perception that ISO 9001 is not fully compatible with service organizations. This is key, and there has been a targeted movement to streamline language used in order to improve understanding and promote consistency between accreditation bodies, certification bodies, auditors, and clients.

Simplifying and making the process more efficient for Organizations seeking multiple certifications (such as ISO 9001 and ISO 14001) has been addressed. Many of these Organizations have felt compelled to maintain multiple sets of quality and procedures manuals, SOP’s, Work Instructions, and Forms and Records. The new revision addresses these and other concerns. Quality Resource Center has been a pioneer in the development of Integrated Management Systems, and has developed and deployed more systems of this type than any other firm.

B – Will Other Standards (AS9100, ISO/TS 16949, etc.) Should Be Updated As Well?

The major sector specific standards, including ISO/TS 16949, AS9100, and TL9000 have indicated their intentions to transition and continue their alignment with ISO 9001. Timelines for these other standard updates are not fully known at this time; that said, a 2016 publication date seems likely for all three. At present only ISO 13485 has not announced plans to maintain alignment with ISO 9001, although it is in the midst of its own update with a targeted publication of early 2016. Continued alignment is expected.

C – What Are The Critical Changes?

Quality Resource Center has conducted analysis and prepared several separate reports detailing key changes, but there are two noteworthy elements:

1 ISO 9001:2015 has eliminated the terms “Documents, “Records”, and “Procedures,”. They have been replaced with the expansive terms “Documented Information.” The reasoning here is that it offers opportunities for greater understanding and acceptance of alternative methods of controlling a quality management system. ISO is no longer concerned with a process is controlled or shown to be effective. Thus, these terms have been removed.

2 – There has been a great deal of discussion regarding the introduction of Risk Management. There are already two ISO standards (ISO 14971 and ISO 31000) and numerous other published materials on methods that can be used to design and implement Risk Management. Quality Resource Center’s analysis has concluded that at least two existing processes within ISO 9001:2008 can be applied to an effective Risk Management program. These processes are 7.1 Planning of Product Realization and 8.5.3 Preventive Action.

Formal Risk Management is now required as a system wide element of the quality management system, similar in fashion as was Continual Improvement was when ISO 9001:2000 was published).

D – What is “Annex SL” and How Does It Relate to ISO 9001?

Annex SL is part of the “ISO/IEC Directives Part 1 – Consolidated ISO Supplement – Procedures Specific to ISO” document. This standard regulates and controls the process of developing, updating, and issuing ISO published standard. Annex SL is basically a ten section template to be used for all ISO standards. It establishes common terms and core definitions for much of the language used in the ISO family of standards. The mandatory structure of Annex SL enables organizations to be better positioned to attain multiple certifications such as ISO 9001, ISO 14001, and OHSAS 18001, as each of these standards will now contain the same 10 sections and include the same core terms and definitions.

E – What is the Timeline?

The projected publication dates for the FDIS (Final Draft International Standard) and the actual ISO 9001:2015 document are July 2015 and September 2015, respectively. It is Quality Resource Center’s contention that most organizations should wait until the final approved ISO 9001:2015 standard is published to make a purchase and obtain the Standard. Once the ISO 9001:2015 standard is published, a 36 month transition timeline will begin. Thus, if the ISO 9001:2015 standard is published on September 15, 2015, the ISO 9001:2008 standard will be viable until September 15, 2018.

It is important to note that ALL ISO 9001:2008 certifications issued in late 2015 and beyond will be required to bear an expiration date that matches the cut-off for ISO 9001:2008. Companies may be permitted to transition at their own pace, and certification bodies may establish their own individual cut-off dates for ISO 9001:2008 audits. That said, Quality Resource Center has declared there will be no cut-off in our support for ISO 9001:2008 audits. Quality Resource Center will be there to support our clients as long as that support is needed.

F – Our Organization Has a Re-certification Audit in Early 2016. Should It Conducted in Accordance with ISO 9001:2015?

This is a strategic decision that each Organization must determine, but there are several key points to consider. If the Organization has had a chance to perform an ISO 9001:2015 GAP Analysis, upgrade systems to comply with the revised requirements, and has confidence in the Organization’s ability to succeed, a request that a transition audit to ISO 9001:2015 be performed can be submitted.

Coordinating the timing of the transition to the existing recertification audit is ideal, but isn’t mandatory. An Organization could certainly perform its’ 2016 Re-certification Audit to ISO 9001:2008, and then complete a transition audit to ISO 9001:2015 in 2017.

G – Our organization has been certified for quite some time and our procedures are well implemented;

Will they need to be changed?

Quality Resource Center’s analysis has concluded that for the average ISO 9001:2008 certified company, the impact of the revised standard will be varied but quite manageable. It is important to bear in mind that the ISO is seeking greater inclusion for the ISO 9001 standard. They want to see it continue to grow into new sectors and be even more user friendly than it is now. Requiring a company to aggressively overhaul their current ISO 9001:2008 system is not consistent with this objective.

H – Should Our Staff Complete Transition Training?

It depends on the extent of revisions made to your quality management system, but generally speaking – of course you will be expected to provide some form of transition training to your staff. At a minimum, Quality Resource Center recommends that awareness training of the new standard would be conducted, as well as an assessment of the new standard’s impact on the various processes and personnel. Ideally, an ISO 9001:2015 GAP analysis would be conducted by Quality Resource Center’s certified Auditors. However, it is entirely conceivable that the majority of your staff will feel no effect from your company’s transition to ISO 9001:2015.

I – Where Can Internal Auditors Obtain Complete Transitional Training and Certification?

Internal auditing remains the cornerstone of demonstrating compliance to requirements within a quality management system. Organizations remain responsible for determining what competencies are required for its internal auditors, as well as the methods to be used to achieve those competencies. Simply stated, each organization must decide the extent to which transition training is required. It is conceivable that a seasoned team of internal auditors could conduct an ISO 9001:2015 GAP Analysis and period of self-evaluation to facilitate the successful transition to auditing ISO 9001:2015. The competency of internal auditors is judged by the overall effectiveness of the internal audit process.

Over the last 25 years Quality Resource Center has trained and certified thousands of Internal Auditors.

Contact Quality Resource Center immediately to schedule your training and certification project.

J – What Immediate Steps Can Be Taken?

Preparation must include a comprehensive review of the currently available DIS, or the soon to be available FDIS. Quality Resource Center can and does provide extensive early planning assistance and analysis. Expect to see an official transition guide from the ISO itself, and likely additional written materials from other bodies such as ANAB and RABQSA. The International Accreditation Forum (IAF) has published an Informative Document (ID 9) which recommends the following steps be taken in the transition to ISO 9001:2015. A full review of the ISO 9001:2015 standard should be performed by Top Management to identify the gaps that need to be addressed. A plan of implementation should be developed with assigned responsibilities. All quality management system documents (including the quality and procedures manual (if applicable)) should be updated to reflect any new or revised processes. Necessary awareness and transition training should be completed. A full system Internal Audit followed by a Management Review should be completed. Corrective Actions for all internal audit findings should be completed.

Only Quality Resource Center offers a full suite of transition and training options, including on-site, web based, and our state of the art training center in northern California. Contact Quality Resource Center for all planning of transition arrangements and training.


ISO 9001:2015 & ISO 14001:2015 Upgrade and Transition Training

Is your firm currently certified under ISO 9001:2008 and/or ISO 14001:2003?

Are you wondering what will happen with ISO 9001:2015 and ISO 14001:2015?

There are some very significant and important changes heading your way…


Since 2012, all ISO management system standards have been in the process of being updated against the new 10-clause High Level Structure (HLS).


The ISO 9001 and ISO 14001 standards are undergoing radical transformation, raising questions and concerns over their new structures, revised documentation requirements, and a variety of other changes needed to comply with the new and improved standards.


The ISO 9001:2015 Standard will be released in September 2015.


ISO 14001:2015 will be released in August 2015.


In addition to the new structures, there are other sweeping changes.


The new ISO 9001:2015 and ISO 14001:2015 emphasize risk-based thinking beyond that seen in earlier versions.


The ISO 9001:2015 Draft International Standard (DIS) was released in May 2014 and the target is now fairly well-defined.


Quality Resource Center offers practical, hands-on, 1 and 2 -day courses in developing your strategy for making a seamless transition to the new requirements; Available at our world class training center, on-site at your facility, or via the internet in our popular webinar based system.


Pre-Requisite: Participants should be knowledgeable of the ISO 9001:2008 QMS standard.


Who Should Attend?


Any interested party involved in ISO 9001:2015 or ISO 14001:2015 quality and/or environmental management system implementation or upgrade.


Course Description:


Attendees to this important course should include, but not be limited, to all personnel within the organization, especially Top Management; such that they may all understand how to successfully implement the upcoming changes in the ISO 9001 and ISO 14001 standards.


The new approaches, outlined in the drafts, represent a dramatic turn in direction. There are new demands on management. Risk Analysis now takes center stage and must be considered throughout the organization. Specific documentation is no longer mandatory, but remains conspicuously implied.


Quality Resource Center is uniquely positioned to lead you through the twists and turns of these important revisions and the effects they may have on your business. Our seasoned team of experts has experience that dates back to the original 1994 standard, the 2000 revision, and the 2008 revision.


Join us as we map out the latest versions of the revisions to ISO 9001 and ISO 14001. Quality Resource Center will provide the tools and techniques to help you understand the spirit and letter of the new revisions. With QRC, you can rise above the confusion and see how to prepare your team for management-led, risk-based thinking that can best position your organization.


These workshops will navigate you through the maze of changes and give you the latest information available from the technical committees to help you adopt this new approach.


Course Objectives:


This workshop will enable participants to:


  • Understand, interpret and plan for the changes in ISO 9001:2015
  • Receive up-to-date information on the key changes in both ISO 9001:2015 and ISO 14001:2015
  • Understand the 10 (ten) clauses of the new ISO Management System Annex SL
  • Gain insight into how the revisions provide closer relationship and alignment between ISO 9001, ISO 14001, ISO 13485, R2, AS9100C, OHSAS 18001, and ISO 27001, and ISO 22301
  • Get an overview of how these changes may affect the audit process
  • Learn the best practices that can help facilitate a smooth transition
  • Prepare for the transition plan to ISO 9001:2015 and ISO 14001:2015
  • Develop a strategy for effective implementation of the changes at their organization
  • Prepare for re-certification to ISO 9001:2015 and ISO 14001:2015
  • Understand how the new global push for a risk-based approach to business will affect your organization
  • Incorporate requirements for ISO 9001:2015 and ISO 14001:2015 Internal Audits
  • Train and prepare for ISO 9001:2015 and ISO 14001:2015 Internal Auditor Certification
  • Initiate Risk Analysis techniques and programs




At the conclusion of this course attendees will have been provided with:


  • An understanding of the reason for and the steps associated with revisions of the standards
  • An understanding of the philosophy behind, and the project management strategy to design a successful ISO 9001:2015 and/or ISO 14001:2015 implementation process
  • An understanding of the new structure of the ISO 9001:2015 and ISO 14001:2015 standards
  • An appreciation of the impact to organizations implementing the revisions




  • ISO 9001:2015 and ISO 14001:2015 – a detailed comparison between the old and new versions of the standards. Highlights of the changes, including a detailed review of the potential impacts, together with discussion of the new focus in certain areas, plus discussion of the plans for adoption by other standards
  • Implications for organizations – Examination of how implementing the revisions will affect organizations in the process of achieving compliance
  • What about Top Management? What are the new requirements for Executives?
  • Selecting a Registrar – how to make the best choice.


Quality Resource Center has been providing world class training and certification services in the field of ISO 9001 and ISO 14001 Quality and Environmental Systems since 1994. We can help you navigate what will surely be an uncertain transition period. We invite you visit this website regularly and to contact us today. Classes are forming and we can design a program to meet your organization’s unique requirements. Contact us today.

ISO 9001:2015 & ISO 14001:2015 Update

ISO 9001 and ISO 14001 are under revision with updated versions due by the end of 2015.


  • Why is ISO 9001 being revised?

All ISO standards are reviewed every five years to establish if a revision is required to keep it current and relevant for the marketplace. The future ISO 9001:2015 will respond to the latest trends and be compatible with other management systems such as ISO 14001:2015.

  • Where are we at in the revision process?

ISO 9001 is currently nearing the Final Draft International Stage (FDIS ballot expected by July), the fifth stage of a six stage process, whereby the ISO subcommittee revising the standard will now go through all the comments received during the DIS vote in order to produce a final draft which will then be put forward to all ISO members for voting.

  • What is the next step?

Once all comments have been considered a final draft will be produced and put forward to ISO members for voting.

  • When will the new version be published?

ISO 9001:2015 will be published by the end of 2015.

  • What will be the main changes to the standard?

The new version follows a new, higher level structure designed to make it easier to use in conjunction with other management system standards, with increased importance given to risk.

  • I am certified to ISO 9001:2008. What does this mean for me?

Organizations are granted a three-year transition period after the revision has been published to migrate their quality management system to the new edition of the standard.

  • How do I find out more?

Contact Quality Resource Center as soon as possible for more information on how the FDIS is proceeding.



Parties who will benefit from this guidance include but are not limited to –

  1. Organizations using ISO 9001:2008
  2. Accreditation bodies (AB’s)
  3. Certification bodies (CB’s)
  4. Training bodies and consultants



The ISO 9001:2015 revision introduces significant changes and will be published in September 2015. It is is based on Annex SL of the ISO Directives, a high-level structure (HLS) which standardizes sub clause titles, core text, common terms and core definitions to enhance compatibility and alignment with other ISO management system standards. Main changes in the new version of ISO 9001:2015 are:

  1. Adoption of the HLS as set out in Annex SL of ISO Directives Part One
  2. Explicit requirement for risk-based analysis to augment and improve the understanding and application of the process approach
  3. Fewer prescribed requirements
  4. Reduced emphasis on documents
  5. Improved applicability for service based organizations
  6. Requirement to define the boundaries of the QMS
  7. Increased emphasis on organizational context
  8. Enhanced leadership requirements
  9. Greater emphasis on achieving planned outcomes to improve customer satisfaction.



The International Accreditation Forum (IAF), which monitors certifications/accreditations, and the ISO Committee on Conformity Assessment (CASCO) have agreed to a three year transition period from the publication date of ISO 9001:2015. The transition period will begin in September 2015 and end in September 2018.


ISO 9001:2008 certifications will not be valid after the end of September 2018. From March 2017 all initial certifications under accreditation shall be to ISO 9001:2015.


Guidance for transition

The degree of change necessary for any organization will be dependent upon the maturity and effectiveness of the current management system, its organizational structure and practices. Thus, an impact assessment is strongly recommended in order to identify realistic resource and time implications prior to initiation of any changes.


Specific guidance for parties involved in certification and accreditation –

Organizations operating under ISO 9001:2008 are encouraged to take the following actions-

  1. Identify organizational gaps which need to be addressed to meet new requirements
  2. Design and develop an implementation plan
  3. Facilitate training and awareness for all affected parties
  4. Update existing quality management system (QMS) to meet the revised requirements and verify its’ effectiveness,
  5. Where applicable, liaise with your certification body for transition arrangements.


Accreditation Bodies (AB’s) are recommended to

  1. Inform CB’s about the transition process using the appropriate guidance and IAF produced documents,
  2. Plan and allocate resources for training and performing assessments to the revised standard,
  3. Verify that criteria used to assess auditor competence are adequate.


Certification Bodies (CB’s) are recommended to –

  1. Train and monitor auditors to ensure competence is demonstrated
  2. Interact regularly with national standard bodies
  3. Communicate regularly with AB’s
  4. Communicate with other CB’s to co-ordinate information
  5. Inform existing clients and share guidance on the transition process and arrangements for transition
  6. Plan the timing and scheduling of audit and certification activities for the revised standard
  7. Consider the stated transition period and current certification period
  8. Plan the timing of certification decisions for upgrading certificates
  9. Encourage current users of ISO 9001:2008 to implement ISO 9001:2015 at an early stage, taking account of any changes that may occur during the DIS stage
  10. Encourage new users to implement ISO 9001:2015
  11. Arrange audit schedules for existing client organizations

Keep checking this website for regular updates between now and the standard’s final publication.

ISO 9001 2015 Changes

Quality Resource Center Update to Expected  ISO 9001 – 2015 Changes

An official draft of ISO 9001-2015 changes has been released for comment by interested parties and a final draft standard is scheduled for release by the end of November 2014. The new standard is expected to be published in September 2015 with March 2017 for the final discontinuance of the 2008 standard and September 2018 for all concerned to fully implement the new standard.

Until a new standard is published and officially released companies should start planning for a changeover but do nothing to specifically alter their quality systems toward the new standard. Certifying audit companies will follow the above schedule unless it changes.

The 2015 standard will differ in some formal ways and it will be structured differently. The basic areas of quality control will remain the same but with renewed general emphasis on planning and management accountability. A Quality Manual will not be a formal requirement. There will be 10 sections or clauses the last seven of which will be auditable. The reason for the new standard is to promote compatibility with other standards, to recognize the various ways management is capable of satisfying the basic requirements and to respond to quality control needs discovered over time.

The seven auditable clauses will be:

  1. Control of the organization
  2. Leadership
  3. Planning
  4. Support
  5. Operation
  6. Performance Evaluation
  7. Improvement

Risk will be better linked to prevention but no formal risk management process will be specifically required. Risk aversion will be considered an outcome of many areas of the QMS including planning meetings. The basic principles of control and process including effects on consistency and efficiency and customer satisfaction will not change but formal quality manuals or procedure manuals will not be required. The Management Representative will not be required. Permissible exclusions will be replaced by a non-applicable designation subject to validity checks at audits.

A larger emphasis in sections 4, 5, 6, and 7 will be put respectively on:

  1. Organizational purpose
  2. Management accountability and quality objective/QMS integration
  3. Risk and opportunity analysis and follow-up and
  4. Future resources planning. But, no major overhaul will be needed. All other standards will eventually incorporate new changes but the timing is as yet not determined.

In the interim it is suggested that companies can do a gap analysis of the ISO 9001 – 2015 changes and especially with respect to the above for areas to improve. It should also be noted that the auto industry has decided as a whole through its trade organization has decided not to implement the standard due to their heavy investment in the previous standard and TS16149.

Contact us toll free for a complimentary consultation at (800) 244-5409
To speak to one of our experts  immediately call us at (408) 371-9995
You can also Email Us

Next Steps in the ISO 9001:2015 Revision Process

Next Steps in the ISO 9001:2015 Revision Process

The DIS phase (Draft International Standard) is the first major step in the ISO publication process. The DIS ISO 9001 revision 2015 was officially issued for public comment in early May 2014. The next steps will be the review and discussion of changes before the issuance of the FDIS (Final Draft International Standard), expected in November 2014, and the publication of ISO 9001:2015 in September 2015.

The transition period for introducing and adopting the new requirements for organizations with ISO 9001 certification will start after the new version’s publication in September 2015 and organizations will have three years to implement these into their management systems.

While the DIS is not the final release, it does reflect changes to existing requirements. As the revision process goes forward, the later FDIS will likely have minor amendments included before the final revision is issued. Quality Resource Center recommends that all organizations start familiarizing themselves now with the actual requirements of the DIS version.

What are the main expected changes to ISO 9001?

ISO 9001:2015 will have a modernized approach to quality management, characterized by the following:

  • An increased emphasis on achieving value for organizations and customers. The new version will be more results- and improvement-oriented
  • The new version will also have a distinct emphasis on risk management and risk-based thinking
  • Increased requirements for feedback from all involved stakeholders and processes (not only from clients)
  • Greater emphasis on involvement of top management
  • A revised structure to align with all other ISO management system standards and facilitate integration with other management systems
  • The standard will be more readily applicable by service industries and organizations
  • More flexibility on the type and use of documentation; simplified requirements for documented procedures (no longer a “quality manual”)
  • What has not changed is that the customer remains the primary focus

Quality Resource Center will publish information on new developments on a regular basis. Our team is available to support you with this transition and can provide further information and assistance on this new draft standard.