ISO 9001:2008 was revised and reissued as ISO 9001:20015 last year. Companies have until 2018 to update their registration to the new requirements. Several other ISO standards have also been updated or are in the process of being updated including:
- ISO 14001:2015 for Environmental Quality Management Systems
- ISO 13485:2015 Quality Management Systems for Medical Devices
- TS16949 for Automotive Quality Management Systems was updated and released in October of this year
- OHSAS 18000 for Health and Safety is expected to emerge from the committee in January of 2017
- Other standards can be expected to follow similar timelines
The evolution of ISO 9001, the mother standard for most quality compliance system requirements, has followed a fairly reasonable path since its initial release in the 1980s. The first generation of the standard focused on developing a dependable framework of system elements that permitted customers to make reasonable expectations that certain elements would always be in place such as documentation and corrective action systems as well as uniform approaches to complaint handling. There was certainly room for both criticisms and improvements to that initial release. Tom Peters, a much respected quality guru, famously pointed out that you could manufacture concrete life-vests and still become registered to the standard. Subsequent generations of the Standard addressed these reasonable observations and introduced requirements for continual improvement and began a move towards a more process based approach to Quality. This process based approach is best demonstrated by repeated references to the Deming Cycle of Plan, Do, Check, Act.
In the 2015 revision this logic is carried further by stressing: “risk versus opportunity” based decision making coupled with clarification of language that makes the standard a better fit for companies that are primarily service based in their offerings.
Clauses have been reshuffled and new approaches taken to standards nomenclature to make the vocabulary more uniform across the standards to ease the burden on companies that are balancing support for multiple registrations.
Most companies I speak with are very concerned about the requirements for risk assessment and how they should approach compliance to this new requirement. There are a few very important points to keep in mind when addressing the requirement for risk versus opportunity based decision making:
- Most importantly, the 2015 revision does not require a company to completely eliminate risk. It requires you to quantify, consider and mitigate risk in your key quality and business processes.
- It does not proscribe a specific method for quantifying risk. You can choose what makes sense for your business. It can be a very formal RPN calculation or it can be a less formal rating methodology using a scale of 1 thru 4 with 1 rated as unacceptably high and 4 listed as minimal risk for example.
- Risk can be a conscious decision to pursue a new technology or opportunity where you believe the opportunity outweighs the quantified risk.
- Risk can be shared by agreement with customers and suppliers.
- Risk can be offset and mitigated by control and Contingency plans.
Placed in perspective, the updates to the ISO 9001:2015 Standard have put far more control concerning how your organization can choose to approach compliance. You now have more control of your Quality Management System as long as the results indicate a healthy organization and appropriate management of customer expectations and the needs of other stakeholders. Nothing we see in the new revision should create an undue burden for compliance in most organizational approaches. Keep an open mind and view it as another opportunity to improve your Quality Management System with the additional positive of improved organizational decision making.
View the recording of our recent webinar:
“Understanding the Impact of Changes to ISO 9001:2015”
About the Author:
Mary V McAtee, Technical Presales Consultant
Mary McAtee has been a member of the QMS organization for over 20 years. She is a 40 year Quality professional specializing in Reliability Engineering for semiconductor and nuclear devices. She obtained her BS in Mechanical Engineering and spent her early career focusing on best practices and strategies for moving complex R&D projects into production while maintaining fidelity to the initial design and quality requirements. She won the General Manager’s Award at New England Research Center for developing a R&D centric Quality Management Systems for the output of the research scientists. She is an exam qualified lead assessor for ISO 9001, ISO 14001, TS 16949, ISO 13485 and TickIT. Mary has led several organizations to successful registrations to various standard, as well as written and presented on the topic of compliance and quality extensively over the years. She is currently working with the Development organizations and other Siemens “Centers of Excellence”, in the US and Europe to develop a broader uniform interpretation of primary norms and compliance standards. She is also the QMS Quality Manager and a Lead Assessor in the Siemens PLM Quality organization.