Presented by:

Joseph W. Krolikowski
Technical Director
 All participants have been muted.

 Please type your questions in the “Question”

section of the dashboard – we will make time
for as many questions as possible at the
conclusion of this presentation.
 Where do these standards come from?
 Why were the changes so dramatic?
 What is the timeline for transition?
 What are the key changes?
 Do we have to overhaul our current system?
 FAQs from past presentations
 Final points
 Questions
 The International Organization for Standardization
(ISO) is a collective made up of numerous
international members;

 Each standard is assigned a Technical Committee (TC)

for authorship;

 TC 176 is the Technical Committee assigned to ISO

9001;

 TC 176 includes members from each of the major

industrialized nations;

 American National Standards Institute (ANSI)

 The ISO recognizes that the needs of the industries that
utilize ISO 9001have evolved (and will continue to evolve)
based on changing needs from those industries.

 There is a desire to promote continued adoption of the ISO

9001 standard into more and more sectors and industries.

 There has been a targeted effort to simplify language used

to aid in understanding and promote consistency.

 It was recognized that there was a desire to improve the

cross-compatibility between standards for companies that
wished to achieve more than one certification (ISO 9001,
ISO 14001, etc.)
 During the development of the ISO 9001:2015
standard, Nigel Croft (the TC 176 chairperson)
expressed the following as the three key features that
TC 176 wanted the ISO 9001 standard to have:

◦ Foster a Process Approach (systematic, management,

results based, consistency)
◦ Foster a cycle of Plan-Do-Check-Act (both at the process
and system level)
◦ Foster Risk Based Thinking (preventing undesirable
outcomes)

 Of these, the first two are familiar from ISO

9001:2000 and ISO 9001:2008. The third is new.
 The ISO 9001:2015 standard is nearing the
end of a long term process with several key
dates as shown on the next two slides.
 September 2015
May 2014 – July 2015 – Final
June 2013 – –Publication of
Draft Draft
Issuance of International
International International
Committee Draft Standard – ISO
Standard (DIS) Standard (FDIS)
9001:2015
 September 2018 – All ISO 9001:2008 clients
should have successfully transitioned to the new
standard
 ISO 9001:2015 was published on September
15, 2015. It is available for purchase directly
from the ISO.

 This standard represents the culmination of

nearly 3.5 years of work going all the way
back to the issuance of Annex SL in 2012.
 By virtue of the ISO 9001:2015 reflecting a
publication date of September 15, 2015, the
official cut-off for ISO 9001:2008 has been
established as September 14, 2018

 PJR has established our policy on the cut-off

for ISO 9001:2008 auditing in the FAQ
document available on our website at
www.pjr.com.
 In May 2015, PJR’s management team met to
discuss the needed additional audit time to
properly assess a quality management system
that has transitioned from ISO 9001:2008 to ISO
9001:2015.

 Our analysis has concluded that for most

companies a small amount of additional audit
time will be sufficient.

 Each of our clients will be advised on an

individual basis what additional time will be
required.
 ISO 9001:2015 will be among the first ISO standards to make use
of the standardized structure represented by “Annex SL.”

 Annex SL has also been referred to as the “High Level Outline” or

“Annex XL.”

 Annex SL is part of a larger ISO publication called “ISO/IEC

Directives Part 1 – Consolidated ISO Supplement – Procedures
Specific to ISO.”

 ISO/IEC Directives Part 1 (and Annex SL therein) can be found

here:

 http://www.iso.org/sites/directives/Directives_Consolidated.xht
ml#x---Annex-SL--normative---Proposals-for-management-
system-standards
 Annex SL was first published in 2012 and
represented the output of a special committee of the
ISO called the Joint Technical Coordination Group
(JTCG.)

 A 10 section “blueprint” for authoring all of the ISO

family of standards.

 Annex SL promotes (among other things) utilization

of common terms and core definitions.

 Eventual plan calls for full transition of all ISO

standards to Annex SL structure by 2016 or 2017.
 1 Scope
 2 Normative references
 3 Terms and definitions
 4 Context of the organization
◦ understanding the organization and its context
◦ understanding the needs and expectations of
interested parties
◦ determining the scope of the quality management
system
◦ quality management system and its processes
 5 Leadership and Commitment
◦ general
◦ customer focus
◦ policy
◦ organizational roles, responsibility and authority
 6 Planning
◦ actions to address risks and opportunities
◦ quality objectives and planning to achieve them
◦ planning of changes
 7 Support
◦ resources
◦ competence
◦ awareness
◦ communication
◦ documented information
 8 Operation
◦ operational planning and control
◦ requirements for products and services
◦ design and development of products and services
◦ control of externally provided processes, products, and
services
◦ production and service provision
◦ release of products and services
◦ control of nonconforming outputs
 9 Performance evaluation
◦ monitoring, measurement, analysis and evaluation
◦ internal audit
◦ management review
 10 Improvement
◦ general
◦ non-conformity and corrective action
◦ continual improvement
 The following pages provide insight into the
primary “new” content areas represented by
ISO 9001:2015.
 The term “risk” is used 16 times in the auditable
portion of the ISO 9001:2015;

 Identification and management of risk is being

viewed as a new system wide strategy in much the
same light that Continual Improvement was when ISO
9001:2000 was published.

 A formal/documented Risk Management Process is

NOT specifically required.

 Expands the idea of Risk aversion to one that affects

all of the various areas of the Quality Management
System.
 Clause 6.1.1 of the ISO 9001:2015 standard
states:
◦ When planning for the quality management system, the
organization shall consider the issues referred to in 4.1
and the requirements referred to in 4.2 and determine
the risks and opportunities that need to be addressed to:

a) give assurance that the quality management system

can achieve its intended result(s);

b) enhance desirable effects;

c) prevent, or reduce, undesired effects;

d) achieve improvement.
 Clause 6.1.2 of the ISO 9001:2015 standard states:
◦ The organization shall plan:

a) actions to address these risks and opportunities;

b) how to:
 1) integrate and implement the actions into its quality management system processes (see 4.4);
 2) evaluate the effectiveness of these actions.

◦ Actions taken to address risks and opportunities shall be proportionate to the potential
impact on the conformity of products and services.

NOTE 1
◦ Options to address risks can include avoiding risk, taking risk in order to pursue an opportunity,
eliminating the risk source, changing the likelihood or consequences, sharing the risk, or retaining
risk by informed decision.

NOTE 2
◦ Opportunities can lead to the adoption of new practices, launching new products, opening new
markets, addressing new clients, building partnerships, using new technology and other desirable
and viable possibilities to address the organization's or its customers’ needs.
 There are a number of activities that are required under
ISO 9001:2008 standard that are likely going to help you
demonstrate compliance to Risk Management. These
include:

◦ 5.6 Management Review (an assessment of your overall quality

system leading to targeted improvement efforts),

◦ 7.2.2 Review of Requirements related to the Product (an

assessment of customer expectations against your current
capabilities with steps taken to resolve discrepancies),

◦ 6.2.2 Training (an assessment of competency needs with steps

taken to ensure that personnel are fully qualified and competent),

◦ 8.5.3 Preventive Action (an assessment of potential problems with

actions taken to avoid those issues in the first place.)
 “Procedures”, “Records”, and “Documents” have all been
eliminated in favor of “Documented Information.”

 Annex A-6 provides an important clarification by pointing

out the use of the terms “Maintain” and “Retain.”
◦ “Maintained Documented Information” is generally understood to
be a replacement for past references to “document”, “procedure”,
or “quality manual” – examples of required maintained
documented information include clause 4.3, which requires that
the scope of the quality management system be documented;

◦ “Retained Documented Information” is generally understood to be

a replacement for past references to “record.” – examples of
required retained documented information include clause 9.3.3,
which requires records of management review be retained.
 All references to “Product” now read
“Products and Services.”
◦ This has long been the case already, as clause 3 of
ISO 9001:2008 stated “Wherever the term “Product”
appears it can also mean Service.”
◦ The standard is further pushing the idea of ISO
9001 as being applicable to multiple types of
businesses (those with and those without a tangible
product.)
 “Management Responsibility” has become
“Leadership”
◦ Pushes further the concept that Management must lead
by example and involvement, rather than simply
directing that activities are performed.

 “Continual Improvement” has evolved into a

larger section called “Improvement”
◦ Promotes the concept that Continual Improvement is not
the only aspect of improvement strived for in a quality
system (improvement can also be characterized by
breakthroughs, reactive changes, and reorganizations.)
 Suppliers are now referred to as “External
Providers”
◦ This is intended to better accommodate service
organizations.
◦ The explanation provided in ISO 9001:2015:Annex
A, clause A.8 indicates that “External Providers”
includes the following:
 Outside suppliers;
 Associate companies; and
 Outsourcing.
 ISO 9001:2015 does not specifically require any of the
following:
◦ Quality Manual
◦ Procedures Manual
◦ Work Instructions

 Organizations could theoretically achieve certification

without any of these documents, however auditors will still
be required to verify consistency with the applicable
requirement, consequently the organization will need to
be prepared to show a consistent, effective process for
whatever activity is being reviewed.

 If this can be accomplished without a procedure/quality

manual, it will be accepted.
 The title of “Management Representative” does not appear
within the ISO 9001:2015 standard.

 The implication is not that this responsibility has been

eliminated, but rather that many of this party’s key
functions should now fall to top management itself.

 An organization can certainly appoint a “key” person

(arrangements for audits, key contact for corrective
actions, etc.,) but the management of the quality
management system should NOT be solely that person’s
responsibility.

 This reflects the current “in practice” arrangement for

many of the companies already certified.
 ISO 9001:2015 has removed all verbiage related to
“Permissible Exclusions.”

 Organizations can now claim any item from ISO

9001:2015 under a “Non-Applicable” designation.

 This means that the validity of such designations will

be verified at each audit.

 In practice – not terribly different from current

approach, except that the scope of what can be
claimed for exemption now encompasses the entire
standard. Your current method for documenting
these very likely will not change.
 ISO 9001:2015 includes a new term that is intended to be applied to all Annex SL
based standard – “Interested Parties.”

 The definition of this term is as follows:

◦ “Person or organization that can affect, be affected by, or perceive themselves to be
affected by a decision or activity.” Examples given include customers, owners, people
within the organization, suppliers, bankers, unions, partners, and even competitors.

 Clause 4.2 requires that organization determine who their interested parties are,
but emphasizes “relevant to the quality management system.”

 The intention is that as an organization, you will ensure that your quality
management system considers all relevant input requirements. The term
“Interested Party” is intended to broaden the scope of who such requirements
might come from.

 In practice, this will not require a great deal of additional implementation activity
on the part of the organization. Ensuring that you are cognizant of all applicable
requirements is simply good business.
Most key changes are found in Sections 4, 5, and 6
 Sections 1-3 – Not specifically auditable (as
before)

 Section 4 – Context of the Organization

◦ Similar to ISO 9001:2008 Section 4.0 – Quality
Management System

 Key new questions:

◦ What purpose does the organization serve?
◦ Who does it exist for?
◦ Who are the interested parties?
◦ Does any part of the ISO 9001:2015 standard qualify for
a “non-applicable” designation?
 Section 5 – Leadership
◦ Uses strong language related to top management’s
involvement in the quality management system.

 Key new questions:

◦ Is a Leadership structure evident?
◦ Has Leadership made itself accountable for the
effectiveness (or lack thereof) of the QMS?
◦ Has Leadership ensured that the Quality Policy/Objectives
are consistent with the strategic direction of the company?
◦ Has the quality policy been made available to all interested
parties?
◦ Has the QMS been integrated into the business processes?

 Please note that this does NOT mean that your financial records will be
subject to audit.
 Section 6 – Planning for the quality management
system
◦ Planning is viewed in a whole new light – taking into
account the new concept of risk.

 Key new questions:

◦ Have all risks (and opportunities) been considered?
◦ Have actions been taken or planned for said risks?
◦ With regards to Quality Objectives –
 Who will be responsible?
 What is the target date?
 What is to be accomplished?
 Are they relevant to conformity of products and
enhancement of customer satisfaction?
 Section 7 – Support
◦ Borrows heavily from ISO 9001:2008 Section 6.0 – Resource Management,
as well as bits and pieces from Section 4 and 5.

 One key new idea presented is found in clause 7.1.6 -

“Organizational Knowledge”
◦ This is generally understood to be knowledge gained by experience.
Organizations are now expected to have mechanisms in place to retain
Organizational Knowledge.

 Furthermore, clause 7.1.6 also asks the following key question:

◦ “Has the organization considered changing needs and trends against its
current competency base and determined what is needed for the future?”

 No other significant new content that hasn’t been present in

some form already in ISO 9001:2008.
 Section 8 – Operation
◦ Very similar to ISO 9001:2008 Section 7.0 – Product
Realization, as well as bits and pieces of Section 8.0
◦ No significant new content that hasn’t been present
in some form already in ISO 9001:2008.
 Section 9 – Monitoring, Measurement,
Analysis, and Evaluation
◦ Very similar to ISO 9001:2008 Section 8.0 –
Measurement, Analysis, and Improvement, while
also using content from Section 5.0 – this is now
where Management Review (5.6) is found.
◦ No significant new content that hasn’t been present
in some form already in ISO 9001:2008.
 Section 10 – Improvement
◦ Very similar to ISO 9001:2008 Sections 8.5.1-8.5.2–
Continual Improvement and Corrective Action.
◦ No significant new content that hasn’t been present
in some form already in ISO 9001:2008.
 The changes to the ISO 9001 standard are
actually minimal and quite manageable.

 Even the “new” idea of risk is not so new if

one considers the fact that Preventive Action
has been a part of the ISO 9001 standard
since it was first published.
 The next several slides represent a “cover to
cover” analysis of the content of ISO
9001:2015.
 Introduction Section
◦ 0.1 – General: Provides an overview statement, intentions
on whom the standard benefits, introduces the ideas of
Risk Based Thinking, PDCA, and explains four key terms
(three of these are getting official definitions for the first
time):

 Shall – mandatory requirement (numerous instances);

 Should – recommendation (no uses within the auditable

content);

 May – permission (this term appears once in the auditable

content); and

 Can – possibility or capability – numerous instances.

 Introduction Section
◦ 0.2 – Seven Quality Management Principles – reference to
the ISO 9000 standard is given:
 Customer Focus;
 Leadership;
 Engagement of People;
 Process Approach;
 Improvement;
 Evidence-Based Decision Making; and
 Relationship Management.

◦ 0.3 – Process Approach – reinforcement of the process

approach an improved graphic therein. Reinforcement of
Plan-Do-Check-Act (PDCA) and an improved graphic
therein.
 Introduction Section

◦ 0.3.3 – Risk Based Thinking – definition and

explanation of importance

◦ 0.4 – Relationship with other management system

standards (ISO 9000 and ISO 9004)
 Section 1 – Scope – General verbiage related
to the applicability of ISO 9001;

 Section 2 – Normative Reference – Linkage to

ISO 9000:2015 for all official terms and
definitions;

 Section 3 – Terms and Definitions – currently

without content, but could be used as a
future placeholder for ISO 9001 specific
definitions.
 Sections 4-10 – As previously reviewed;

 Annex A – Informative – Several key points of information and

counsel to be found here, including:
◦ A.1 – Structure and terminology – reinforces the doctrine that an
organization does not have to align their documentation to match ISO
9001:2015, nor does it have to use the specific terms found in the
standard;

◦ A.2 – Products and services – a fuller explanation of intent in changing all

references of “product” to read “products and services”;

◦ A.3 – Understanding the needs and expectations of interested parties – a

more full explanation of intent in the identification of interested parties;

◦ A.4 – Risk based thinking- an extensive section intended to assist in the

more full understanding of this concept, emphasizing that a formal
structure/process for Risk Management is not required;
 Annex A continued
◦ A.5 – Applicability – Further discussion on the logic for removing
“exclusions” from the ISO 9001 standard and the new concept of
“non-applicables”

◦ A.6 – Documented Information – Further discussion on the new

term that has replaced “Procedure”, “Record”, and “Document”;

◦ A.7 – Organizational Knowledge – An explanation of requirements

pertaining to competency and ongoing competency through
various challenges an organization might face, including the loss
of long-time employees;

◦ A.8 – Control of externally provided products and services –

Provides an expansive explanation of this phrase and who it
applies to.
 Annex B – Further, extensive discussion on
the relationship between ISO 9001 and other
publications (ISO 9004, ISO 10001, etc.)

 Bibliography
 Certainly not!

 As previously mentioned, one of the goals of

the TC176 committee in writing the new
standard was to improve its inclusiveness.

 Telling over 1,000,000 world-wide registered

firms that they have to overhaul their system
doesn’t seem terribly inclusive, does it?
 Your quality manual fits your business?
◦ Keep it!

 Your procedures are effective at defining your

key processes and how they operate?
◦ Keep them!

 Quality Policy, Quality Objectives, etc. are all

well known and adding value?
◦ Keep those too!
 The next several slides include key FAQs that
have come up in past offerings of this
training and the answers to those questions.
 It will depend on the extent of revisions that you
make to your quality management system, but
generally – yes you will be expected to provide
some form of transition training to your staff.

 At a minimum, PJR would expect that awareness

training of the new standard would be provided,
as well as an assessment of the new standard’s
impact on the various processes and personnel.

 It is entirely conceivable that the majority of your

staff will feel no effect from your company’s
transition to ISO 9001:2015.
 Internal auditing is viewed in the same light as any other
required competency within a quality management system.
Namely, the organization is responsible for determining what
competencies are required for its internal auditors, as well as the
methods to be used to achieve those competencies.

 To put it more plainly, each organization will have to decide on

its own the extent to which transition training will be needed.

 It is conceivable that a seasoned team of internal auditors could

complete a period of self-study and successfully transition to
auditing ISO 9001:2015.

 As has always been the case, the competency of your internal

auditors will be judged by the overall effectiveness of your
internal audit process.
 All of the major sector specific standards, including
TS 16949 (automotive), AS9100 (aerospace), and
TL9000 (telecommunications) have indicated their
intentions to transition and continue their alignment
with ISO 9001.

 The timelines for these other standard updates are

not fully known at this time, but a 2016 publication
date seems likely for all three.

 At present the only major standard that is not

planning to continue its alignment to ISO 9001 is ISO
13485 (medical devices,) which is in the midst of its
own update with a targeted publication of mid 2016.
 There are many companies at various stages of
implementing a new quality management system in
accordance with ISO 9001:2008 that may be wondering if
there is still value in registering to ISO 9001:2008.

 While PJR cannot make the final decision for you, it is

important to bear in mind that ISO 9001:2008 has just
under 2.5 years of usability left in it.

 It is also important to bear in mind that the very first

audits later this year to ISO 9001:2015 will be a bit more
difficult for both auditee and auditor.

 With the passage of time, auditors will be more

comfortable auditing ISO 9001:2015, ensuring an even
smoother transition.
 The International Accreditation Forum (IAF) has published
an Informative Document (ID 9) which recommends the
following steps be taken in a transition to ISO 9001:2015.
◦ 1) A full review of the ISO 9001:2015 standard should be
performed by Top Management to identify the gaps that need to
be addressed.
◦ 2) A plan of implementation should be developed with assigned
responsibilities.
◦ 3) All quality management system documents (including the
quality and procedures manual (if applicable)) should be updated
to reflect any new or revised processes.
◦ 4) All necessary awareness and transition training should be
completed.
◦ 5) A full system internal audit followed by a Management Review
should be complete.
◦ 6) Corrective Actions for all internal audit findings should be in
process or complete.
◦ 7) Coordination with PJR for planning of transition arrangements.
 Make sure that your existing documentation
(Quality Manual, Procedures, etc.) works for
you first and foremost.

 If a re-numbering enables the documentation

to work better for you, than do so, but it will
not be required.
 Particularly in times of transition, auditors
provide expert analyses of a quality
management system against audit criteria.

 Your auditor will be a valuable resource in

your transition process.
 This is an exciting time for quality system
certification. ISO 9001:2015 is a beneficial
update to a standard with a long track record
of contribution to the world.

 PJR will continue to provide timely updates on

the transition process and will endeavor to
enable our clients as smooth a transition as
possible.
 ISO 9000:2015 was published on September
15, 2015 and is now available for purchase.
◦ Among other points of information, the ISO 9000
standard contains all sanctioned definitions, the
seven quality management principles, and a series
of concept diagrams showing the intended
interrelationships of ideas. As before, this
document is not a certifiable standard.
 ISO 9004 remains at the 2009 revision, for
now.
 ISO 19011 remains at the 2011 revision, for
now.
PJR has prepared two reports that we feel will
be very beneficial to our clients, these are:

 An side by side comparison between ISO

9001:2008 and ISO 9001:2015; and

 An FAQ report highlighting key questions and

answers,

Both of these items can be found on our

website – www.pjr.com
 “ISO 9001 2015 Critical Points of Review During
the Transition Audit Process” is delivered on a
once monthly basis.

◦ This webinar is a deep dive into the new areas

represented by ISO 9001:2015 and how they will be
assessed during the transition audit itself.

 “The Interaction of Processes and its importance

to a successful audit” is also shown once
monthly.

◦ This webinar explores the crucial topic of processes and

how to correctly understand them.
 Do you want to be kept informed of the latest
news automatically?

 Please opt in for future updates by visiting

our website at www.pjr.com

 At the bottom of the page, enter your email

address in the provided space and click
“Subscribe.”