Work in Progress

07 Jan 2014 08:47
Hits: 2900

ISO 9001:20081 and ISO 14001:20042 are scheduled for major revisions by the end of 2015. Many of the revisions being considered are controversial. In this article we will only examine the changes to ISO 9001, but note that changes to ISO 14001 are similar.

The first step in developing a revised ISO 9001 standard is to create a committee draft (CD). The ISO 9001:2015 CD consists of 10 clauses:

Scope.
Normative references.
Terms and definitions.
Context of the organization.
Leadership.
Planning.
Support.
Operational planning and control.
Performance evaluation.
Continual improvement.
Clauses 1 to 3 are similar to the ones in ISO 9001:2008, although the wording has changed. But, new clauses 4 to 10, which replace current clauses 4 to 8, are quite different.

The revised structure in the CD is based on a document developed by the International Organization for Standardization (ISO)3 that sets out a high-level structure, core text and common terms for ISO management systems standards. The goal is to provide common structures for organizations that comply with multiple standards.

Proposed requirements
The following requirements were included in the CD for the 2015 revision:

1. The process approach is described in clause 4.2. The revised requirements are more extensive than the ones in ISO 9001:2008 and include an identification of:
2. All needed processes, inputs and outputs of each, and their sequence and interaction.
3. Risks to conformity of goods and services.
4. Performance indicators.
5. Resources needed by each process.
6. Responsibilities for each process.
The requirements also include implementation of actions needed, monitoring of operations and continual improvement of each process.

Risk is teamed with opportunities in Clause 6.1—Actions to address risks and opportunities, to provide preventive action. See the "Risk and Preventive Action" for more details.
Corrective action is covered in clause 10.1.

Major changes
The revision changes the structure of ISO 9001 from clauses 8 to 10. This is a major structural change, which means organizations will need to modify their documentation, training and understanding of the goals of the standard. To illustrate the problem, Table 1 is a comparison of clauses 4 through 6 in the CD with the original wording in ISO 9001:2008. Note the loss of coherence of the topics covered.

Table 1

A more complete comparison of the ISO 9001:2008 and the CD can be found in Online Table 1.

Online Table 1

What stands out is that many requirements that were together in ISO 9001:2008 were moved to separate parts of ISO CD 9001:2015. A prime example of this change is the following three requirements in ISO 9001:2008:

-Objectives must be measurable (clause 5.4.1).
- Organizations must build a quality management system plan (clause 5.4.2).
- Responsibility and authority must be defined (clause 5.5.1).

They are together in the 2008 version, but in the 2015 version, have been rearranged to:

-Objectives must be measurable (clause 6.2).
-Organizations must conduct operational planning and control (clause 8.1).
-Organizational roles, responsibilities and authorities must be defined (clause 5.3).

Table 1 shows how the requirements in clauses 4 to 6 of ISO 9001:2008 compare to the same requirements in ISO CD 9001:2015. The requirements are scattered in clauses 5 to 9, and in Annex SL of ISO CD 9001:2015. This could confuse the organization’s personnel and its auditors.

Items left out
In addition to these changes, a review of the proposed 2015 revision indicates the following key provisions were left out of the CD:

Clause 4.2.2—Quality manual and Clause 5.5.2—Management representative in ISO 9001:2008.
ISO CD 9001:2015 Clause 4.2.3—Control of documents contains less detailed requirements than ISO 9001:2008. Missing are requirements to ensure that documents are updated and to prevent use of obsolete documents. In addition, there are no requirements for records control.
The only reference to control of records is in Clause 3.11, note 2—Evidence of results achieved (records). Notes are not requirements.
ISO CD 9001:2015 Clause 7.1.4—Monitoring and measuring devices is incomplete. The details covered in ISO 9001:2008 Clause 7.6—Control of monitoring and measuring equipment are not included in the CD.
Clause 8.5.3 in ISO 9001:2008 requires a process to accomplish preventive action. This has been eliminated in ISO CD 9001:2015. Read the online-only sidebar "Risk and Preventive Action" for more details.

What now?
The U.S. Technical Advisory Group (TAG) working on ISO 9001 was asked to vote on whether to advance the CD to a draft international standard. We voted not to advance the CD because it does not resolve a number of important technical issues. Also, the significant number of reviewer comments indicates the draft generally lacks maturity.

Unfortunately, the U.S. TAG is only one of 65 voting members of Technical Committee (TC) 176 and the CD was approved by a vote of 50 to 12 with three abstentions. Of the 50 approvals, 35 included comments. The comments will be reviewed at the next meeting of TC 176 in November and a draft international standard will be developed and voted on. Approval of the final draft international standard will require a two-thirds approval with less than one-quarter of final votes negative.4

The revisions will also be compared in more detail to ensure ISO 9001 and ISO 14001 will be compatible. The next U.S. TAG meetings occur the week of March 17 in Orlando.

Risk and Preventive Action

Annex SL, Appendix 2 high-level structure and core text does not include a clause giving specific requirements for preventive action because one of the key purposes of a formal management system is to act as a preventive tool.

Consequently, the high-level structure and identical text require an assessment of the organization’s "external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) in clause 4.1, and to determine the risks and opportunities that need to be addressed to: assure the quality management system can achieve its intended outcome(s); prevent or reduce undesired effects; and achieve improvement" in clause 6.1.

These two sets of requirements are thought to cover the concept of preventive action and to take a wider view that looks at risks and opportunities. This approach is continued in the discipline-specific text added to the Annex SL core text to require risk-based thinking and a risk-driven approach to preventive action throughout also has facilitated some reduction in prescriptive requirements and their replacement by performance-based requirements. Although risks have to be identified and acted on, there is no requirement for formal risk management.

In my opinion, removing a specific preventive action requirement from the standard has eliminated one of the most effective tools for improving a QMS.

References
1. International Organization for Standardization, ISO 9001:2008—Quality management systems—Requirements.
2. International Organization for Standardization, ISO 14001:2004—Environmental management systems—Requirements with guidance for use.
3. International Organization for Standardization, ISO/IEC Directives, Part 1, Consolidated ISO Supplement, Annex SL, 2013.
4. International Organization for Standardization, Stages of Development of International Standards, ISO Standards Development, Resource Area, Stages, May 5, 2008.

Reference: QP

Work in Progress

Creating a Culture of Compliance Across Your Supply Chain

#WaterIs... standards!

15 THINGS YOU MUST KNOW ABOUT THE UPCOMING ISO 9001 REVISION

A Closer Look At The Skills Gap

A Galactic Lesson in Quality

A matter of trust - Conformity assessment in a more complex world

A measure of confidence - How standards build trust in weights and measures

A new way of looking at the cause and effect diagram

A resilient world within our reach

A standard for improving communities reaches final stage

A standard to facilitate the daily life of the financial services industry

A Step Forward

According to Plan

Adapting to Troubled Times

Additional support to financial services thanks to ISO/IEC

Adventure tourism - More excitement, less risk

African water benefits from standards

Ahead in the Count

Apples to Oranges?

Are consumers safe in the digital age?

Contact

Company

Certifications

Follow us