9 Main Changes Between ISO 9001:2015 and 9001:2008
13 October 2018
There are several ISO 9001 changes from 2008 to 2015 (ie, the ISO 9001:2015 revision), and those changes bring many benefits to the companies that implement them. Still, making the transition to ISO 9001:2015 can be challenging.
If you are planning on upgrading your quality management system from the 2008 standard to 2015, you will need to become familiar with the new terminology, changes in structure, changes in requirements, and new requirements.
If you've never implemented ISO 9001 at your company before, you don't need to be concerned about the changes. Instead, you may look at our articles on 5-Step ISO 9001 implementation and get started.
9 Ways ISO 9001:2015 is Different from ISO 9001:2008
Here are some of the differences between the 2008 and 2015 ISO 9001 Quality Management Standards:
1. ISO 9001:2015 Has 10 Clauses - ISO 9001:2008 Had 8
The first difference you may notice with the 2015 revision is that the number of clauses has increased by two. While some remain mostly the same, a few of these clauses are also different in scope and content compared to the 2008 version. Here are the lists of clauses for both versions:
ISO 9001:2008
Introduction
Scope
Normative references
Terms and definitions
Quality management system
Management responsibility
Resource management
Product realization
Measurement, analysis and improvement
ISO 9001:2015
Introduction
Scope
Normative references
Terms and definitions
Context of the organization
Leadership
Planning
Support
Operation
Performance evaluation
Improvement
Notably, clauses 4 through 10 (which contain the actual requirements) in ISO 9001:2015 have been set up to follow the PDCA cycle. PDCA stands for "Plan, Do, Check, Act". Also known as the Deming Cycle, PDCA is a continuous quality improvement model that is used in a variety of contexts, from Six Sigma implementations to school work processes. The "C" can also be replaced by "S" or "Study", with the abbreviation changing to PDSA.
The main point of the PDCA cycle is to help facilitate change in an organized, systematic manner. As you can see, this model fundamentally supports the ISO 9001 goal of improving quality management.
2. ISO 9001:2015 Follows the New High Level Structure (Annex SL) Guidelines
High Level Structure is simply a fancy way of saying that ISO is making the formatting of management systems standards consistent across all the standards. This means that the structure, punctuation, choice of words, and basic terminology will all be consistent and match wherever possible. The High Level Structure is defined in ISO's Annex SL.
ISO 9001 is often seen as the fundamental management standard; many of its requirements can also be found in other ISO standards. The new High Level Structure places these requirements under identical chapter numbers, making it much easier to integrate different ISO standards. While HLS is about achieving better compatibility, clarity and more efficiency when implementing several ISO standards, the new structure has little impact on companies that only use ISO 9001.
3. Some Terminology Is Different in the 2015 vs. 2008 Version
Every revision of ISO 9001 also brings along a change in terminology. ISO is trying to make the standard easier to understand while at the same time make it applicable to every business of every industry and every part of the world. The ISO 9001 requirements are supposed to be just as applicable to a multinational tools manufacturer as they are to a village hospital in Africa. Time will show if the newest language works well for everybody.
The most important changes in definition revolve around products and objects. In ISO 9001:2015, the term "object" was introduced. It has an extremely broad definition of any sort of conceivable "thing" in existence. This may not make much sense unless you view it in the context of modifying terms such as "quality" or "design". Basically, the idea is to give ISO 9001 broad application across an infinite number of potential uses in every industry.
The term "products" has been changed to "outputs", which can refer to both products and services. In other words, a service-based business may not create a physical, tangible product to sell, but they offer a service. The term "output" can thus apply to both service-based businesses as well as companies that produce actual products (whether physical or virtual). This change should be particularly beneficial to service providers who, in the 2008 version, had to understand "service" when ISO 9001:2008 said "product".
Other term definitions to be aware of:
Customer property: customer property, in the context of ISO 9001, used to refer to products and services provided by the customer. In ISO 9001:2015, customer property has been expanded to include also processes owned by the customer.
Continual improvement: In ISO 9001:2008, continual improvement referred to improving the ability to fulfill requirements. ISO's 2015 revision has broadened the meaning of this term; it now means getting better results by enhancing performance.
Risk-based thinking: Risk-based thinking is a new term introduced in the 2015 revision; it replaces "preventative action" known from previous ISO 9001 versions. The idea is that true risk-based thinking will automatically lead to preventative action where appropriate.
Other terms that are no longer used within the ISO 9001:2015 requirements include product realization, management representative, and equipment (now resources).
It is important to note that all changes in terminology only affect how the standard is written. The new terminology does not need to become part of a company's ISO 9001 documentation. In fact, companies are explicitly encouraged to use the wording that works best for them rather than just adopt whatever words are used in the ISO 9001 standard.
4. ISO 9001:2015 Is Process-Based
The process approach has been part of ISO 9001 since the year 2000 revision. While in the past the concept of process approach may not have been properly addressed and utilized by some companies, the latest revision of ISO 9001 places much greater emphasis on processes. The entire focus of the ISO 9001:2015 requirements is to encourage a comprehensive process approach to quality management.
The idea is to manage the company as a system (note the last two words of "quality management system") of interrelated processes. Typically, the output of one process is the input of one or more other processes. The ISO 9001:2015 process approach is all about integration. No longer can processes be viewed as stand-alone activities.
5. ISO 9001:2015 Puts More Focus on Input and Output
The concept of input and output is closely related to the process approach. In the context of ISO 9001:2015, "input" and "output" refer to the starting point and the results of activities.
In a nutshell, a process will take an input, for example, a raw material, and then transform it into an output, such as a finished product. Of course, this is a very simple example, and the process of turning a raw material into a finished product will incorporate a number of smaller, interrelated processes along the way. The same concept applies to services, where both physical and non-physical inputs could enter an activity (process) and in a service (for example, a school lesson).
The main thing to remember is that we are focusing on how that process takes the input and uses it to result in an output. This could relate to anything from graphic design (to create collateral marketing material) to handling complaints. It can apply to just about everything that happens in a business.
6. Risk-Based Thinking Is at the Core of ISO 9001:2015
As we mentioned above in reviewing ISO 9001:2015's new terminology, risk-based thinking is one of the new aspects of the 2015 revision. While the term is completely new, the concept of risk-based thinking is actually only an expansion of preventive action (a term no longer used in the text of the ISO 9001: 2015 standard). It's also interesting to note that the opposite of risk, opportunity, is also part of risk-based thinking.
The chapter on preventive action is gone, but a new chapter on risk-based thinking is included in ISO 9001:2015. Companies with a good preventive action system in place will find that little change is required, while companies that never paid much attention to preventive action will find that ISO 9001:2015 gives them some useful tools to address this rather important issue.
7. The Context of the Organization Is Important in ISO 9001:2015
Understanding the context of the organization refers to reviewing and understanding the internal and external environment and influences that shape a company. An alternative term for "context of the organization" could be "environment in which the company operates". ISO 9001:2015 groups this environment into internal environment, external environment and interested parties.
The new standard requires to analyze the context of the organization: what are the company's strengths and weaknesses, what are the opportunities and threats? The issues to be considered are far reaching and different for each organization. Included may be issues like new laws, technical innovations, and cultural shifts that might have an impact on the business.
Interested parties include customers and potential customers, suppliers, owners, employees, third party organizations like trade unions and activists, as well as government bodies. When analyzing the context of the organization, companies determine interested parties and their requirements and expectations, their importance and their impact on the organization.
8. Leadership and Commitment Are Stressed in ISO 9001:2015
ISO 9001 has always been a quality management system. Notice the word "management". In other words, ISO 9001 is a tool for management. Since top management has always had a leading role in the ISO 9001 quality management system, the ISO 9001 changes from 2008 to the 2015 version regarding leadership and commitment should be rather minor for those companies that have used ISO 9001 as a real tool for top management. Companies whose top management had delegated ISO 9001 to others will find that ISO 9001:2015 requires significant involvement of executive management. Top managers will put the QMS in line with the overall strategic direction of the business, and top managers will "walk the talk".
9. ISO 9001:2015 Can Be Better Integrated with Other ISO Standards
Finally, ISO 9001:2015 is designed from the top down to be more compatible with other ISO management standards. This is more than just adhering to the new High Level Structure. It's about using ISO 9001 as a foundational platform from which other ISO systems can be implemented. Companies with an ISO 9001 QMS in place will find it easier to implement ISO 14001 or other ISO standards that are specific to their industry without duplication of efforts.
Transitioning Your ISO 9001 Certification from 2008 to 2015
The three-year transition period to move from ISO 9001:2008 to ISO 9001: 2015 ended on September 13, 2018. All ISO 9001:2008 certifications are now invalid.
If your company used to be certified to ISO 9001:2008 and you are considering a transition to ISO 9001:2015, we recommend that you take a good look at your current quality management system. Is it worthwhile to build upon it, or would it be better to start fresh with an efficient, business-friendly system? The expiration of your certification could be an indicator for a quality management system that is no longer actively used, probably because it didn't add value to your organization.