The ISO 9001:2008 standard spanned a wealth of proven best practices and guidelines for businesses and organisations. The new revision, ISO 9001:2015, promises to further streamline mission-critical tasks and information flows, and give organisations the ability to customise its adoption of the latest concepts.
History has proven, however, that ISO 9001 is not for wimps. Achieving certification can be strenuous and complex, and requires long-term high-level commitment. It makes sense to start getting in shape for ISO 9001:2015 now. Besides the motivation of keeping up with the competition, here is a summary of the potential benefits from the revised standard and what will be required to realise them.
Redefining document control
ISO 9001:2015 redefines the language and requirements surrounding document control. Instead of clauses for "documents" and "records", the new standard introduces "documented information" that refers to both. Also significant is the omission of explicit reference to documented procedures as requirements.
The evolution of the ISO 9001 language around information helps organisations make better use of digital information assets. "Documented information" promotes linked activities, with the various requirements for conformance defined as integrated processes. Embracing the ISO 9001:2015 model and its new concepts will inherently discourage new information silos and serve to integrate previously created silos.
Bolstering risk management within quality management processes
The new ISO 9001:2015 standard promotes "risk-based thinking" throughout all quality management processes. Besides identifying risks that might negatively impact performance and results, organisations are encouraged to take action to identify opportunities for exceeding expectations. Numerous clauses of ISO 9001:2015 weave risk-based thinking into the new standard's process approach, leadership requirements and planning guidelines.
The viability of risk-based thinking has been proven to deliver benefits in terms of both meeting the organisations quality goals and driving up customer confidence. The focus on risks and opportunities can also establish a proactive culture, with prevention and improvement becoming the mainstays instead of continual problem solving and resolution.
To maximise the benefits of risk-based thinking, ISO 9001:2015 defines the "documented information" that must be kept and used to drive quality management workflows. The standard does not, however, require a formal risk assessment or the maintenance of a central risk repository. Rather, risk management becomes an integrated culture that should be fully supported and implemented by the quality management system. Organisations must carry out risk-based thinking within the context, and adjust action plans to each situation.
Preparing for ISO 9001:2015
The lessons learned from previous updates to the ISO 9001 standard emphasise that quality must be embraced as a component of corporate strategy.
The scope of the standard required broad oversight, but best practices imply that the optimal management system remain lean and include only as much documentation as absolutely necessary. Minimising documentation also makes it easier for individual employees to absorb and understand requirements, which ultimately ensures their use.
Documentation control remains tightly intertwined with ISO 9001:2015 certification efforts, and the new language and focus on "documented information" will make it more important than ever to align an organisation's information management strategies and systems with the updated standard. Preparing for the update should, therefore, include an evaluation of the existing enterprise information management policies and solutions, with the goal of ensuring that ISO 9001 processes can operate efficiently and be accurately managed, measured and audited.
Interested in knowing more? Learn how a leading autopilot developer manages their ISO compliance using M-Files.