The new ISO 9001:2015 standard for Quality Management Systems (QMS) was issued in late 2015—which means the three-year transition period to become certified to the new version is now in full swing. Change can certainly present challenges; however, the ISO 9001:2015 update is designed to simplify the requirements, focus more on business needs, and make the ISO standards more user-friendly.

That being said, organizations will need to make adjustments to their QMS to meet the new requirements. The major impacts that organizations need to consider for ISO 9001:2015 certification include the following:

• Increased management responsibility
• Organizational identification of risks and opportunities
• Impacts of process implementation vs. guidance procedures
• Overhaul of internal audit requirements

Management Responsibility

The increase in management responsibility requires an organization’s objectives and targets to be:

• Business-driven
• More explicit in content
• Reviewed and monitored on a regular basis

Importantly, the QMS must be connected to the business strategy. This involves management taking ownership for the QMS and creating a vision and strategy for the organization, its employees, and customers to follow and interact with in a mutually beneficial manner. The idea is that this will foster a sustainable business plan.

Identification of Risks and Opportunities

The organization must identify and quantify the risks and opportunities presented by each new business endeavor or market driver they seek to enter. This will help management understand the full operational requirements and potential related consequences that must be addressed prior to moving the organization in a new direction.

The process of identifying risks and opportunities involves reviewing and evaluating employee skill sets, equipment capabilities, facility requirements, logistics requirements, environmental and safety risks, and others. In addition, quality control requirements must be reviewed in terms of possible training and equipment needs, and then verified as either adequate or in need of required changes prior to startup.

Process Implementation

The single largest change to the QMS is arguably the notion of written procedures guiding the organization vs. the use of a process approach to enhance the organization’s ability to exhibit systematic control over any/all changes to the products and/or services it provides. This change represents a shift in the approach regarding business operations.

Under a process approach, the management team must:

• Define inputs and outputs of each process
• Determine the correct performance indicator(s) to assure compliance and customer specifications have been met
• Assign appropriate responsibility for these steps

To comply with ISO 9001:2015, the organization must be able to stop a process and rectify the issues of concern prior to a nonconforming product and/or service being given to a customer. As such, employees are empowered to complete a root cause analysis and then notify management of possible change(s) required.

Internal Audit

Corresponding to the process orientation discussed above, the internal audit program will also need to be revamped to go from auditing a single clause to auditing an entire process. This may require additional auditor training for internal auditors, as well as an overall better understanding of the processes the organization follows in its daily business.

The following tips can all help modify the internal audit process to work under the ISO 9001:2015 standard.

1. Audit one complete process at a time. This will allow auditors to better assess the process itself, identify possible areas for review and improvement, and verify adequacy of current controls in place.
2. Develop flow charts that outline every step in the process(es) and the associated procedures, work instructions, and forms required to assure compliance of each identified step.
3. Look for areas throughout the audit where the product and/or service hand-off between departments and equipment cells may be unclear or confusing, leading to a potential nonconformance to the customer.

Big Steps toward Continuous Improvement

While any one of the changes discussed above would represent a significant improvement over the 2008 version of ISO 9001, taken together and implemented properly, the 2015 updates are set up to help organizations take large step towards continuous improvement.

Under ISO 9001:2015, day-to-day operations should:

• Be more functional and harmonious
• Allow for improvements in product and/or service hand-offs between departments
• Improve the consistency of delivering to the customer exactly what is requested
• Reward the organization with improvements to internal functions and lower costs over time