Quality management is evolving

ISO 9001:2015 Update

Time and tide wait for no man and so it seems neither do the good folk at ISO's Technical Committee (TC 176/SC 2). They are responsible for the content of the current revision of ISO 9001 and have spent 3 years planning its next iteration.

Our range of ISO 9001:2015 quality manuals and integrated manual templates cover the requirements of ISO 14001:2015 and OHSAS 18001:2007, and offer an easy way to implement and document your organization's quality management system or integrated management system.

Risk-based thinking and the effects of uncertainty

ISO 9001:2015 will define risk as the 'effect of uncertainty'. Therefore, all risks relating to quality, safety, commercial or the environment, etc. can be dealt with under a single 'multidisciplinary' aspect of the management system.

The risk management aspect of ISO 9001:2015 should be part of this analysis and any new process definitions would require the assignment of process owners to manage this aspect, typically senior managers or by engaging more of your organization's leaders as new process owners.

To support the inevitable transition that your organization will have to make, you should learn about the key changes, understand the key concepts, plan how to implement the new requirements and stay informed with developments. Further changes to the standard are likely during the period of revision, you should not make changes to your management system at this stage.

Risk-based thinking

How does ISO 9001:2015 intend to address the subject of risk and risk-based thinking? Risk-based thinking is something we do automatically in our lives; often sub-consciously, but the concept of risk was always implied by ISO 9001:2008. The new risk-based requirements will help to prioritise this topic as the new requirements will become part the standard quality management system framework.

Most organizations intuitively take a risk-based approach to identifying, analysing and prioritising perceived risks and opportunities as this process forms a key part of the preventive action routine. Presently, there are six clauses in ISO 9001:2015 which require an organization to consider risk:

  • Clause 4 - determine the risks which can affect its ability to meet these objectives;
  • Clause 5 - top management are required to commit to ensuring Clause 4 is followed;
  • Clause 6 - take action to address risks and advance opportunities;
  • Clause 8 - implement processes which identify and address risk in its operations;
  • Clause 9 - monitor, measure, analyse and evaluate the risks and opportunities;
  • Clause 10 - improve by responding to changes in risk.

Compliance with ISO 9001:2015 will require objective evidence that these clauses have been fulfilled. The adoption of risk-based thinking will, over time, improve customer confidence and satisfaction by assuring the consistency of the quality of goods and services brought on by establishing a proactive culture of prevention and improvement.

Ongoing review is essential to ensure that risk management processes remain relevant and effective. The factors that affect the likelihood and consequences of an event may change, as may the factors that affect the suitability of treatment options. Process monitoring should provide information about the effectiveness of the risk management process.

Our quality management system templates offer a reliable way of achieving process based compliance to ISO 9001:2008 and will ease the eventual transition to the new version of ISO 9001:2015. The three year transition period, ending in September 2018, is plenty of time to achieve compliance even if you are beginning from scratch!

More on ISO 9001:2015

ISO 9001:2015