QMS Requirements – Prepared by the Technical Committee ISO/TC 176 “Quality management and quality assurance”. The ISO 9001:2015 international standard deploys and specifies the requirements and criteria for a Quality Management System (QMS). Thus, it aims to support organizations to develop, implement and improve their own QMS.
The changing business environment, the globalization, the more complex supply chains and the increasing customer requirements demanded the need to modify the quality management system in a way that can reflect to these increasing needs. Despite the changes, the basic intention of the standard remained the same.
To help organizations providing products and services that:
- Meet all customer needs and …
- Comply with regulatory requirements.
ISO standards are reviewed and revised every five years. Since its introduction in 1987, this is the 4th update of the ISO 9001 quality management standard. The content of the standard is composed along seven dimensions.
Which are the substance of implementing and maintaining an efficient QMS:
- Customer focus.
- Leadership.
- Engagement of people.
- Process approach.
- Improvement.
- Evidence-based decision making.
- Relationship management.
The new standard is still adoptable by any organization, and it doesn’t depend on the size or scope of the organization. Thanks to the latest changes, service providing companies can even implement it more easily, than before. Compared to the previous edition (ISO 9001:2008), the new ISO 9001:2015 has been restructured (see correlation matrix below), showing a different topic layout that is in close conjunction with the PDCA methodology (see new structure below).
Key Structure
Thanks to a more common and high-level structure (all future management system standards will use this structure), ISO 9001:2015 can be easily aligned with other management systems. The new structure (point 4 to 10) is based on the PDCA principles:
From “Introduction” to the “Terms and Definitions”, the ISO 9001:2008 and ISO 9001:2015 standards have the same structure, but the rest has changed. The next matrix visualizes these changes.
ISO 9001 Correlation matrix of clauses | |
| ISO 9001:2008 | ISO 9001:2015 |
| 0. Introduction | 0. Introduction |
| 1. Scope | 1. Scope |
| 2. Normative References | 2. Normative References |
| 3. Terms and Definitions | 3. Terms and Definitions |
| 4. Quality Management Systems | 4. Context of the Organization |
| 5. Management Responsibility | 5. Leadership |
| 6. Planning | |
| 6. Resource Management | 7. Support |
| 7. Product Realization | 8. Operation |
| 8. Measurement, Analysis and Improvement | 9. Performance Evaluation |
| 10. Improvement | |
Not just the structure of the standard changed, but the content as well. The upcoming section shows some “good to know” modifications.
Major changes in details:
- New structure (as described above), and simplified language, in conjunction with other management systems, for easier adoption.
- The new standard puts greater emphasis on leadership engagement.
- The context and environment of the organization must be in focus, before the setup of a new QMS.
- Instead of having the distinction of “documents” and “records”, the new standard uses a common naming: “documented information”.
- More focus on proactive, risk-based thinking: the new standard expects to identify and address the risks that may influence the operation of the company, or disrupt the quality management system.
- General requirements and exclusions: ISO 9001:2015 expects its requirements to be applied by the organization, however, it allows the exclusion of a requirement, if you can justify and explain this exclusion, and it doesn’t harm the compliance of products or services.
- A new term “object” has been introduced that can mean anything like quality, design and development, etc. In addition, “products” and “services” are also referred to as outputs.
- The meaning of “continual improvement” has been raised to a new level. In the previous version it meant the improvement of your abilities (to fulfil requirements), but now it has a new meaning: enhancement of performance.
- The new name of “preventive action” is “risk-based thinking”.
Suggestions
By upgrading your quality management system to a new level (to be ISO 9001:2015 conform), you need to first understand the changes to be familiar with all modified requirements, however many aspects of ISO 9001 remained the same. The 3 years long transition period started in 2015, so the “old” certifications to ISO 9001:2008 will not be valid after 30th of September, 2018. During the co-existence period, your ISO 9001:2008 based certificate is 100% valid.
New users should contract with certification bodies and management system developers for starting directly with the new ISO 9001:2015. Current users, who already have their certification based on ISO 9001:2008, should initiate a transition plan to the new standard. ISO has already given hints for this transition:
- Get familiarized with the new standard.
- Identify the organizational gaps.
- Develop an implementation plan (hint: involve 3rd part consultants).
- Provide appropriate training and awareness (hint: involve 3rd party trainers if necessary).
- Update your existing quality management system.
- Ask your certification body for the transition.
Having a transition is more complex than the previous one. That time (between 2008 and 2010) the transition period was only 2 years long, since the 2008 edition was “just” a minor revision of its previous edition, but the 2015 is considered as a major one, bringing greater changes and in some way a modified approach.
For the automotive industry, it is also an important note, that the new IATF 16949:2016 is still in close conjunction with ISO 9001:2015.
ISO has made a comprehensive and detailed list of changes, so the before / after state can be compared easily.
The detailed ISO 9001 Correlation matrix | |
| ISO 9001:2015 (from September, 2015) | ISO 9001:2008 |
1 Scope | 1 Scope 1.1 General |
4 Context of the organization | 4 Quality management system |
| 4.1 Understanding the organization and its context | 4 Quality management system 5.6 Management review |
| 4.2 Understanding the needs and expectations of interested parties | 4 Quality management system 5.6 Management review |
| 4.3 Determining the scope of the quality management system | 1.2 Application 4.2.2 Quality manual |
| 4.4 Quality management system and its processes | 4 Quality management system 4.1 General requirements |
| 5 Leadership | 5 Management responsibility |
| 5.1 Leadership and commitment | 5.1 Management commitment |
| 5.1.1 General | 5.1 Management commitment |
| 5.1.2 Customer focus | 5.2 Customer focus |
| 5.2 Policy | 5.3 Quality policy |
| 5.2.1 Establishing the Quality Policy | 5.3 Quality policy |
| 5.2.2 Communicating the Quality Policy | 5.3 Quality policy |
| 5.3 Organizational roles, responsibilities and authorities | 5.5.1 Responsibility and authority 5.5.2 Management representative 5.4.2 Quality management system planning |
6 Planning | 5.4.2 Quality management system planning |
| 6.1 Actions to address risks and opportunities | 5.4.2 Quality management system planning 8.5.3 Preventive action |
| 6.2 Quality objectives and planning to achieve them | 5.4.1 Quality objectives |
| 6.3 Planning of changes | 5.4.2 Quality management system planning |
7 Support | 6 Resource management |
| 7.1 Resources | 6 Resource management |
| 7.1.1 General | 6.1 Provision of resources |
| 7.1.2 People | 6.1 Provision of resources |
| 7.1.3 Infrastructure | 6.3 Infrastructure |
| 7.1.4 Environment for the operation of processes | 6.4 Work environment |
| 7.1.5 Monitoring and measuring resources | 7.6 Control of monitoring and measuring equipment |
| 7.1.5.1 General | 7.6 Control of monitoring and measuring equipment |
| 7.1.5.2 Measurement traceability | 7.6 Control of monitoring and measuring equipment |
| 7.1.6 Organizational knowledge | No equivalent clause |
| 7.2 Competence | 6.2.1 General 6.2.2 Competence, training and awareness |
| 7.3 Awareness | 6.2.2 Competence, training and awareness |
| 7.4 Communication | 5.5.3 Internal communication |
| 7.5 Documented information | 4.2 Documentation requirements |
| 7.5.1 General | 4.2.1 General |
| 7.5.2 Creating and updating | 4.2.3 Control of documents 4.2.4 Control of records |
| 7.5.3 Control of documented Information | 4.2.3 Control of documents 4.2.4 Control of records |
8 Operation | 7 Product realization |
| 8.1 Operational planning and control | 7.1 Planning of product realization |
| 8.2 Requirements for products and services | 7.2 Customer-related processes |
| 8.2.1 Customer communication | 7.2.3 Customer communication |
| 8.2.2 Determination of requirements for products and services | 7.2.1 Determination of requirements related to the product |
| 8.2.3 Review of the requirements for products and services | 7.2.2 Review of requirements related to the product |
| 8.2.4 Changes to requirements for products and services | 7.2.2 Review of requirements related to the product |
| 8.3 Design and development of products and services | 7.3 Design and development |
| 8.3.1 General | 7.3.1 Design and development planning |
| 8.3.2 Design and development planning | 7.3.1 Design and development planning |
| 8.3.3 Design and development inputs | 7.3.2 Design and development inputs |
| 8.3.4 Design and development controls | 7.3.4 Design and development review 7.3.5 Design and development verification 7.3.6 Design and development validation |
| 8.3.5 Design and development outputs | 7.3.3 Design and development outputs |
| 8.3.6 Design and development changes | 7.3.7 Control of design and development changes |
| 8.4 Control of externally provided processes, products and services | 7.4.1 Purchasing process |
| 8.4.1 General | 4.1 General requirements 7.4.1 Purchasing process |
| 8.4.2 Type and extent of control | 7.4.1 Purchasing process 7.4.3 Verification of purchased product |
| 8.4.3 Information for external providers | 7.4.2 Purchasing information 7.4.3 Verification of purchased product |
| 8.5 Production and service provision | 7.5 Production and service provision |
| 8.5.1 Control of production and service provision | 7.5.1 Control of production and service provision 7.5.2 Validation of processes for production and service provision |
| 8.5.2 Identification and traceability | 7.5.3 Identification and traceability |
| 8.5.3 Property belonging to customers or external providers | 7.5.4 Customer property |
| 8.5.4 Preservation | 7.5.5 Preservation of product |
| 8.5.5 Post-delivery activities | 7.5.1 Control of production and service provision |
| 8.5.6 Control of changes | 7.3.7 Control of Design and Development Changes |
| 8.6 Release of products and services | 7.4.3 Verification of purchased product 8.2.4 Monitoring and measurement of product |
| 8.7 Control of nonconforming outputs | 8.3 Control of nonconforming product |
9 Performance evaluation | 8 Measurement, analysis and improvement |
| 9.1 Monitoring, measurement, analysis and evaluation | 8 Measurement, analysis and improvement |
| 9.1.1 General | 8.1 General 8.2.3 Monitoring and Measurement Processes |
| 9.1.2 Customer satisfaction | 8.2.1 Customer satisfaction |
| 9.1.3 Analysis and evaluation | 8.4 Analysis of data |
| 9.2 Internal audit | 8.2.2 Internal audit |
| 9.3 Management review | 5.6 Management review |
| 9.3.1 General | 5.6.1 General |
| 9.3.2 Management review input | 5.6.2 Review input |
| 9.3.3 Management review output | 5.6.3 Review output |
10 Improvement | 8.5 Improvement |
| 10.1 General | 8.5.1 Continual improvement |
| 10.2 Nonconformity and corrective action | 8.3 Control of nonconforming product 8.5.2 Corrective action |
| 10.3 Continual Improvement | 8.5.1 Continual improvement 8.5.3 Preventive action |
Summary
- ISO 9001:2015 international standard deploys and specifies the requirements and criteria for a Quality Management System (QMS).
- ISO 9001:2015 is part of the ISO 9000 family.
- The ISO 9001 standard was first published in 1987 (it was released as ISO 9001:1987)
- The key elements of the standard are customer focus, leadership, engagement of people, process approach, improvement, evidence-based decision making and relationship management.
- ISO is the developer of international standards and does no certify companies, the certification is always performed by accredited certification bodies.
- ISO 9001:2015 replaced ISO 9001:2008 in September, 2015 and the transition period lasts until September, 2018.