Time to make the change: here is our breakdown of ISO 9001:2015

Businesses have until the 14th September 2018 to change from ISO 9001:2008 to ISO 9001:2015 otherwise they face losing certification. Risk ZA spells out the necessity for this standard, the differences made with the revision, as well as how you can go about making the change.


What is ISO 9001:2015?

Firstly, we must underline the importance of the ISO 9001 standard, as it is the world’s most popular and commonly used quality management system standard. ISO 9001:2015 is part of the ISO 9000 family that deals with various aspects of quality management in an organization. The standard helps ensure that an organisation’s outputs always meet customer’s requirements and the management arrangements to assure this consistency are continuously improving. The great thing about ISO 9001:2015 is that it is applicable to and can be used by any type of business, be it large or small.


What can it do for my business?

The ISO 9001 quality management system standard benefits an organization by showing:

  • Your organization’s products or services are of a consistent level of quality
  • Your products/services comply with the law and related regulations; meet the customer’s and organisation’s requirements
  • Helps better organize the business processes to ensure high levels of efficiency as well as help to continuously improve these processes.
  • If you are trading internationally or would like to in the future, ISO 9001 is a must have.

These factors contribute to the betterment of the organization, because you comply with internationally recognised standards. It increases customer satisfaction whilst simultaneously securing your organisation’s assurance of supply, because many organisations demand these standards as a requirement for doing business.


I was certified with ISO 9001:2008? Why the change and what’s the difference?

It’s important to remember that all ISO Standards are reviewed from time to time to ensure that they are relevant and current for the marketplace. ISO 9001 is reviewed every five years; this particular revision (ISO 9001:2015) has been designed to respond to the latest governance trends as well as to ensure compatibility with other management system standards.


One of the main changes made is that the core of ISO 9001:2015 now requires risk-based thinking. Organizations are now pushed to use risk identification to determine for themselves which challenges/difficulties they foresee in the management of their business processes. How serious is ISO 9001:2015 on risk management? The word ‘Risk’ occurs 48 times in ISO 9001:2015, compared to three times in ISO 9001:2008. This means that risk-based thinking should be a standard approach for everyone. A consequence of introducing risk-based thinking is that the ‘preventative action’ clause in ISO 9001:2008 has been made obsolete, and therefore this requirement no longer appears in ISO 9001:2015.

Common ground

Another fundamental change made to this standard is that the new ISO 9001:2015 is based on Annex SL of ISO Directive 1, which is the new high-level structure for all management system standards. This brings a common framework to all ISO management system standards. If an organisation wishes to implement other management systems such as those compliant to ISO 14001 in addition to ISO 9001, the common topics can easily be recognized in the standards. This applies some common requirements and common language across all standards, and therefore offers one way to align management systems satisfying multiple ISO standards.

Plan. Do. Check. Act

There are now 10 clauses in ISO 9001:2015 compared to the 8 in IS0 9001:2008. The first 3 clauses have remained the same whilst the remaining seven are still arranged in the Plan-Do-Check-Act cycle. This cycle can be applied to all processes and to the quality management as a whole.

From the top

ISO 9001:2015 requires a greater involvement from top management to be in-charge of the quality management system. The reason for this is to ensure that top management takes more responsibility for the effectiveness of the organisation’s quality management systems.

In ISO 9001:2008 the management representative was a member of the management committee who was given the role of ensuring that the implemented quality management system was implemented. ISO 9001:2015 has now shifted accountability upwards and no longer mentions the need for a management representative anymore. It emphasizes that quality is a matter in which everyone should be involved, at all levels and throughout all functions of the organisation.


How do I make the change?

Before making any changes, build the required capacity within the organization. Understanding and knowledge is fundamental in driving a successful change. Risk ZA can assist companies in building this capacity through our inhouse and public training courses. Next perform a gap analysis to assess the nature of changes that are required. If you don’t feel confident conducting a gap analysis you may call on a Risk ZA qualified Lead Auditor to assist. Finally fill the gaps by making the necessary upgrades to the quality management system. Risk ZA offers guidance that will lead your team to certain compliance. Once ready you can contact  Risk ZA to conduct a pre-certification, or readiness audit, implement corrective action and you’re good-to-go.

5 thoughts on “Time to make the change: here is our breakdown of ISO 9001:2015”

Leave a Comment

%d bloggers like this: